Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

VPN issue, can't contact hosts on LAN

Hi all..

For my work i've been put on a project tot manage the connections to several locations in Yemen.

The connection to the remote routers (IPsec) works well. I mean that I can contact the router via my vpn client using the yemen group. But the thing is that i simply can't reach the hosts on the inside of the remote network.

What in the config can be the problem. Is i the ACL entry?

Maybe you guys can help me out of this.

Any answer can be helpful!

--Config removed-

2 REPLIES
Cisco Employee

Re: VPN issue, can't contact hosts on LAN

ACL 110 that you have assigned for split tunnel ACL does not seem to exist as per your configuration.

ACL 110 should say:

access-list 110 permit ip 10.0.0.0 0.0.0.255 10.10.10.0 0.0.0.255

Also, ACL 2 that has been assigned to the NAT statement, needs to be changed to an extended ACL, as follows:

access-list 120 deny ip 10.0.0.0 0.0.0.255 10.10.10.0 0.0.0.255

access-list 120 permit ip 10.0.0.0 0.0.0.255 any

ip nat inside source list 120 interface Dialer0 overload

no ip nat inside source list 2 interface Dialer0 overload


Hope that helps.

Community Member

Re: VPN issue, can't contact hosts on LAN

Thanks for your help halijenn. This indeed fixed the connection problem !!

380
Views
5
Helpful
2
Replies
CreatePlease to create content