Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

reach remote subnet after remote access vpn is established


With a customer I have added a (voice) vlan to his network, which is reachable one hop further than the (vpn) gateway, i.e. via a L3 switch. The (vpn) gateway, an 1841 router has a route to the voice lan and from the internal network we can reach the telephony server via the L3 switch. However, via vpn this is not working. I have made a drawing of it, please see attached.

The 1841 has this configured:

crypto isakmp client configuration group blablabla

key blabladiebla


domain customerlan.local

pool vpnpool

acl split-acl


Note, the vlan 20 is not configured on the 1841, it only has a route to vlan 20, via the L3 switch. How can I configure the vpn so that remote users can also reach the voice vlan?

With kind regards,

Ralph Willemsen

Arnhem, Netherlands

Everyone's tags (4)
Super Bronze

reach remote subnet after remote access vpn is established


Seems you use Split Tunnel mode VPN Client connection and have defined the network to be tunneled with the ACL "split-acl".

So I would presume that at the very least you would need to add the new LAN network to that ACL. You probably also have a NAT0 configuration in some ACL related to the NAT configuration to which you would need to add a rule for this new network also.

- Jouni