Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

reverse route injection on vpn client tunnel?

Hello,

We have a customer with a Cisco 1841 router which is also used for remote access vpn

The config is like this:

                  

crypto isakmp client configuration group VPNaccess

key xxxxx

dns 192.168.169.1

domain xxxx.local

pool vpnpool

acl split-acl

include-local-lan

ip access-list extended split-acl

permit ip 192.168.169.0 0.0.0.255 any

ip local pool vpnpool 172.18.19.1 172.18.19.254

Now, people can reach servers on the 192.168.169.0 subnet, but behind 192.168.169.250 there is a subnet with range 172.16.169.0 /24 which we want to reach via vpn. I believe this needs to be done by configuring reverse route injection? But how to configure this for vpn remote access client tunnels?

The 1841 runs software 12.4

Thank you for your help

Kind regards,

Ralph Willemsen

Arnhem, Netherlands

4 REPLIES
Cisco Employee

reverse route injection on vpn client tunnel?

Ralph,

RRI inserts routes for remote subnets on router, in case of ezvpn remote subnet is the client assigned IP address.

What you're looking for is to change your split tunneling ACL, i.e. add a new entry.

M.

New Member

reverse route injection on vpn client tunnel?

Hello,

Thank you for your answer. The acl in the client vpn config (split-acl) permits access to all networks.

What I noticed was, that the 3rd party didn't have the L3 switch as gateway configured, so packets couldn't travel back. That's all.........

Thanks for your help anyway, really appreciate this.

Kind regards,

Ralph

New Member

reverse route injection on vpn client tunnel?

Hello Ralph

i had few weeks ago the same "Problem"  finaly i fixed the stuff

have a look at   -- http://www.klick.us/?page_id=611 --

i did a dokumentation about the stuff how it works for my company

i fixed this with ACL´s 

New Member

reverse route injection on vpn client tunnel?

Thank you, I solved it, see my reply above.

384
Views
0
Helpful
4
Replies
CreatePlease login to create content