Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
975
Views
11
Helpful
5
Replies

Cisco 1841 VPN connect but no access to external LAN

e-fik1234
Level 1
Level 1

‎03-12-2012 10:28 AM

Hi all,

i am seeking help with my configuration of Cisco 1841. I am new to cisco, so pls go easy on me.

I was able to configure the cisco to accept VPN connections from clients. But when i am connected i can not access the VPN LAN. My cisco VPN client shows all the time Packet Decrypted: 0 when connected. I tried the split tunneling configuration based on the example on cisco.com for split tunneling.

I include config for better understanding.

The outside interface is fa0/1 with ip 10.0.0.2 w LAN 10.0.0.0

Inside interface fa0/0 with ip 192.168.10.9 w LAN is 192.168.10.0

IP for VPN clients 192.168.20.100 - 105

I would really appriciate any help. I already tried some more nat rules and route adds but nothing really helped me.

Thank you

Petr

Labels:
124313-RunningConfig.txt.zip
0 Helpful
5 Replies 5

rizwanr74
Level 7
Level 7

‎03-12-2012 10:47 AM

apply this config as you are missing nat.

ip access-list extended PAT_ACL
deny   ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
permit ip 192.168.10.0 0.0.0.255 any


ip nat inside source list PAT_ACL interface FastEthernet0/1 overload

Let me know result.

thanks

Rizwan Rafeek

e-fik1234
Level 1
Level 1
In response to rizwanr74

‎03-12-2012 05:23 PM

Thank you Rizwan for such a quick answer.

I added nat config to my router but the result is still the same. I can connect but after successful connection i can not ping nor connect  to any remote PCs or other devices.

Still stays the same.

Petr

0 Helpful

rizwanr74
Level 7
Level 7
In response to e-fik1234

‎03-12-2012 06:46 PM

You might want to add tunnel source as well.

interface Virtual-Template1 type tunnel

tunnel source Loopback0

I also found a link, below about DVTI and you might want to refer it as well.

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/prod_white_paper0900aecd803645b5.html

let me know.

thanks

rizwanr74
Level 7
Level 7

‎03-12-2012 07:12 PM

Please read this thread, you will be able copy whole config from this thread, it is also radius base authentication.  I actually tested for this client.

https://supportforums.cisco.com/message/3540503#3540503

thanks

e-fik1234
Level 1
Level 1
In response to rizwanr74

‎03-21-2012 03:53 PM

Hi Rizwan,

took me a little while to get back to my configuration.

thank you for help with PAT settings, the main problem i had was that ip routing was disabled and also ip cef.

I enabled the ip routing and ip cef and VPN works fine now.

Petr

0 Helpful
Customers Also Viewed These Support Documents