Hi, Namit

I have seen this document, but I want allow secure access from corporate resources to local lan that behind the PC with Cisco VPNC via IPsec.

Please loot at my simple network topology (figure attached).

ip pool for vpn client is range from 172.20.0.0 to 172.20.7.254

remote lan address is 10.x.y.0/24

corporate lan address is 192.168.0.0/16

My question is can the Cisco VPN Client send it static routes into secure device via any dynamic routing protocols RIP, EIGRP or OSPF

Now on cisco asa it looks as:

asa#sh routes

D    172.18.0.104 255.255.255.248 [90/3072] via 172.31.2.2, 88:59:24, inside
D    172.18.0.88 255.255.255.248 [90/3072] via 172.31.2.2, 88:41:48, inside
D EX 172.18.0.80 255.255.255.248 [170/259072] via 172.31.2.2, 88:59:24, inside
D    172.21.0.240 255.255.255.248 [90/3072] via 172.31.2.2, 88:59:24, inside
D    172.21.0.8 255.255.255.248 [90/3072] via 172.31.2.2, 88:59:24, inside
D    172.21.0.0 255.255.255.248 [90/3072] via 172.31.2.2, 88:59:24, inside
S    172.20.5.153 255.255.255.255 [1/0] via 84.253.79.1, outside
S    172.20.5.149 255.255.255.255 [1/0] via 84.253.79.1, outside
S    172.20.5.148 255.255.255.255 [1/0] via 84.253.79.1, outside
S    172.20.5.151 255.255.255.255 [1/0] via 84.253.79.1, outside
S    172.20.5.150 255.255.255.255 [1/0] via 84.253.79.1, outside
S    172.20.5.145 255.255.255.255 [1/0] via 84.253.79.1, outside
S    172.20.5.147 255.255.255.255 [1/0] via 84.253.79.1, outside
S    172.20.5.146 255.255.255.255 [1/0] via 84.253.79.1, outside
S    172.20.5.141 255.255.255.255 [1/0] via 84.253.79.1, outside
S    172.20.5.143 255.255.255.255 [1/0] via 84.253.79.1, outside

And I want get dynamic route to remote lan via IPsec

D    10.x.y.0 255.255.255.0 [90/3072] via 172.21.6.3, 55:59:24, outside

OR

O    10.x.y.0 255.255.255.0 [110/3072] via 172.21.6.3, 55:59:24, outside

Sorry for my english, Thanks

Hi Jennifer,

Unfortunately I was surmised about it

Thanks for you answer