Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Is it possible to ping VPN remote on NIC IP?


PIX 501 running 6.3 on a 192.168.1.x LAN.
Cisco VPN client (5.06) on an XP SP3 desktop running on a remote LAN set to 192.168.0.x.
I need to be able to ping the desktop's NIC ip address of 192.168.0.11
I can ping the VPN group assigned IP address of 192.168.44.100 and reach shares on the desktop using that IP address but not using 192.168.0.11.
A softphone app I want to use must be able to be reached from 192.168.1.x LAN over VPN to the remote's NIC address of 192.168.0.11
I wanted to make sure this is possible before posting my PIX configuration.
I tried adding the following:
access-list inside_outbound_nat0_acl permit ip 192.168.1.0 255.255.255.0 192.168.0.96 255.255.255.240
access-list outside_cryptomap_dyn_20 permit ip any 192.168.0.96 255.255.255.240
Thanks
1 REPLY
Bronze

Re: Is it possible to ping VPN remote on NIC IP?

I don't think this is possible, but you might try adding a route to a server on the 192.168.1.x LAN with a destination of 192.168.0.11 and next hop of 192.168.44.100 (or whatever IP your client VPN adapter is assigned).

You'd still need the no-nat ACL you posted.

Very curious to know if this works!

James

218
Views
0
Helpful
1
Replies
CreatePlease login to create content