Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ezvpn,client can't access the intenel network.

topo structure:

remote user ---internet---pix(inside:130.0.0.0/8,10.0.0.0/8),remote user can get the local pool's address,but it can't access the 130.0.0/24,10.0.0.0/8.

  • VPN
5 REPLIES
Cisco Employee

Re: ezvpn,client can't access the intenel network.

This is your issue:

ip local pool local_pool 130.58.1.65-130.58.1.126

route inside 130.0.0.0 255.0.0.0 130.58.1.253 1

The PIX is sending anything destined to your VPN client pool back out the inside interface, when it needs to be sent out the outside interface. Add a more specific static route for your VPN pool pointing out t eoutside interface as follows:

route outside 130.58.1.64 255.255.255.192 202.196.16.44

and you should be good to go. Another way around would be to just change your VPN address pool to say, 192.168.1.1-192.168.1.254, then the PIX would use the default route pointing out the outside int.

New Member

Re: ezvpn,client can't access the intenel network.

I try "route outside 130.58.1.64 255.255.255.192 202.196.16.44 ",it is no use.

and i try "192.168.1.1-192.168.1.254",it won't work.

sb help me,thank you in advance.

New Member

Re: ezvpn,client can't access the intenel network.

Did you modify the ACL for 192.168.1.0/24?

New Member

Re: ezvpn,client can't access the intenel network.

i am sure i modify my acl,when i user the 130.58.1.65~126 as local_pool,i can access intenel network hosts which use linux/unix server,but i can't access the others hosts and swithes, routers.when i user 192.168.1.0,i can't access any hosts.

sb can help me,it'd better entering my network to watch.

my email: wilshen@gmail.com

New Member

Re: ezvpn,client can't access the intenel network.

i had resolved my problem,it is the local_pool's problem. thank for helping me.

160
Views
0
Helpful
5
Replies
This widget could not be displayed.