Cisco 871: Allow connections between two different VPN subnets
We have two Cisco 871 routers in different locations which are VPN'ed together using EzVPN Server and EzVPN Remote. They are set up as follows:
*** Primary 871 ***
Role: EzVPN Server
*** Remote 871 ***
Role: EzVPN Remote
Because there is a VPN connection between these two routers, users on the 192.168.0 subnet can access the 192.168.1 subnet and vice versa without issue. However, we also have users out in the field who are using the Cisco VPN client on their machines to establish a VPN connection to the Primary 871. Once connected, these users receive a 192.168.9 IP address via DHCP, and have full access to the 192.168.0 subnet. However, these users are unable to access the 192.168.1 subnet. I'm guessing that this is a NAT and/or ACL problem, but I'm not quite sure which rules need to be in place on which router(s) in order for the 192.168.1 subnet and the 192.168.9 subnet to be able to communicate with one another.
If anyone could provide any insight/assistance on this matter, it would be much appreciated.