Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

INSIDE TO INSIDE VPN. HELP NEEDED !!!

I have created an inside to inside VPN.

The inside interface ip is 192.168.93.249.

The VPN POOL is 192.168.96.1 - 192.168.96.14

Once the client is connected he does get the IP 192.168.96.1 pingable to 192.168.93.249.

However the gateway part is empty wheni run ipconfig on the client side..

Moreover now i need this client to connect to 192.168.100.1, This host is reachable from the 192.168.93.0 network. But the VPN client cannot access it. In the ASDM i get  a portmap translation error for the 192.168.96.1.

Please advice.

I have this crazy inside - to - inside vpn as per certain scenario i am facing at work.

-- hassan

1 REPLY
Bronze

Re: INSIDE TO INSIDE VPN. HELP NEEDED !!!

Hi Hassan.

not sure what you mean by inside to inside vpn, can you please elaborate?

can you provide the client routing table after you connect? (route print from command prompt).

portmap creation failures, usually mean there is a NAT Issue. however usually you don't do NAT when doing vpn client configuration. you use something called nat exemption. here is a sample configuration for vpn clients to ASA:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008080f2d1.shtml

notice from the example the nat exemption part for the vpn client traffic:

access-list 101 extended permit ip 172.16.0.0 255.255.0.0 10.16.20.0 255.255.255.0
ip local pool vpnclient 10.16.20.1-10.16.20.5

nat (inside) 0 access-list 101

if you still can't fix it, then please provide the config (remember to erase the parts you don't want others to see).

let me know if this helps.

Regards,

Fadi.

318
Views
5
Helpful
1
Replies
CreatePlease login to create content