I have a Cisco 871 router which is connected to the internet. I would like to allow a few remote users to VPN into the office using the Cisco VPN Client. Currently, I can get the VPN Client to authenticate and connect. However, whenever I try pinging something inside the private network I get a reply from the external IP of the router instead. Here is the config as it stands right now. If anyone can point out what I am doing wrong I would really appreciate it. Thanks!
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
logging buffered 51200 debugging
logging console critical
enable secret 5 xxxxxxxxx
aaa authentication login userauth local
aaa authorization network groupauth local
aaa session-id common
clock timezone PCTime -6
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1 192.168.0.99
ip dhcp excluded-address 192.168.0.201 192.168.0.254
BTW ... I think the problem is with NAT ... Everything works fine if I disable NAT on the inside and outside interfaces. However, when NAT is enabled I cannot route into the private LAN when connected via VPN.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...