09-01-2014 01:09 AM - edited 02-21-2020 07:48 PM
Hi,
We have configured Remote Access VPN on Cisco IOS router. Users are able to access the inside resources but cant communicate to each other. Any suggestions on the issue?
Regards
Saif
09-01-2014 03:05 AM
What type of RA VPN have you set up? (AnyConnect, IPsec VPN, Easy VPN)
--
Please remember to select a correct answer and rate helpful posts
09-01-2014 05:02 AM
IPSec Remote Access VPN
09-01-2014 05:14 PM
Try adding this to the config and see if the behavior changes
same-security-traffic permit intra-interface
and you might also try its companion command
same-security-traffic permit inter-interface
HTH
Rick
09-02-2014 02:49 AM
Actually..these commands are for ASA. We are discussing the IOS VPN.
09-02-2014 04:16 AM
I obviously did not read the original post carefully enough. Thank you for pointing out the difference in platform.
HTH
Rick
09-02-2014 05:52 AM
You must insert the inside host in the access-list crypto and in the access-list nonat (nat(INSIDE) 0)
09-02-2014 06:08 AM
I have already mentioned this in one of my posts, and NAT 0 is an ASA function we are talking IOS here (ie. routers)
09-02-2014 02:39 AM
Have you excluded the VPN traffic from being NATed when traffic is going between clients?
Please post a full sanitised configuration of the router so we can check it for configuration issues.
--
Please remember to select a correct answer and rate helpful posts
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: