Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Remote VPN help

I am setting up a remote vpn connection for some of my users to connect to our shared servers from home. The internal network on the trusted side of the firewall is 10.0.6.0/24. When i setup the remote vpn to give vpn users Ip addresses from this range everything works fine. However I want to have remote vpn users on a seperate range because i anticipate a large number of remote users in the future.

When i setup the remote vpn ip pool to a range say 10.0.10.0/24 i can connect to the VPN but I cannot access the servers behind the firewall. I tried to add a policy for those users using ASDM but it still does not work.

Can someone please help me?

Thank You

3 REPLIES
Cisco Employee

Re: Remote VPN help

Eric,

Check the following:

1. Does your internal network(s) know where to route the packets destined for 10.0.10.0/24. Since the pool of ip addresses is being assigned by the pix to the VPN Remote Users, make sure that your internal routing routes the packets to the pix for the 10.0.10.0/24 network.

2. Do you have any Access-List applied on the inside interface of the pix. If Yes, do allow traffic from your internal network to talk to 10.0.10.0/24.

3. If your are doing NAT/PAT on the pix, make user that NAT is bypassed for traffic sourced from your internal network and destined to 10.0.10.0/24. You can use NAT 0 to bypass NAT.

Please check the above and let me know if it works.

I hope it helps.

Regards,

Arul

New Member

Re: Remote VPN help

hey i tired to do what you suggested and i still cannot connect through the vpn. Well i can connect but i cannot access anything behind the firewall. Do you know of anywhere i can find a walkthrough to help me with this.

Thank You

Gold

Re: Remote VPN help

Just to add...

Do you have - isakmp nat-traversal on your configuration on the PIX? If not apply this and try again.

Jay

123
Views
0
Helpful
3
Replies
CreatePlease to create content