we had an internal IP scheme that was a public address range (130.1.X.X). We changed it over this prior weekend to a private 172.16.X.X address range.
The original IP Pool for the VPN clients was 172.16.0.1-253. We decided to seperate them to avoid any confusion. Since the change no user has had an issue but this one . He has connected before, but with the old VPN IP Pool addresses.
I asked him for an Ip config/all and noticed that his NIc was the same IP as the cisco VPN, and thought that was the issue. I also relized that any other home user with a router/access point will probably have the same problem at some point due to the default settings of those devices. So I decided to change the IP for the pool to 192.168.99.1-253. But this did not allow anyone to connect. I cannot resolve names or IPs until the pool is set to 192.168.1.1-253.
I do not have that command in my PIX. I am not a very PIX savy person. since we rarely touch it except in occasions like this.
I am using the PDM interface. I gather from other posts that this isnt the thing to use, but again I am very green when it comes to routers.
I did change the access rules to reflect the new IP pool. I also found under VPN tab - IPSec rules that the new IP pool was not in there. I have corrected this. I assume that this is the nat excemption acl you are speaking of?
I dont know where the crypto setting is?
I have no issue with any other users. Just this user who happens to have the same IP address as the IP pool. Is this causing the issue?
I will try changing the IP pool to another class C address and test VPN again. But I will look for the setting I missed.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :