Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

vpn tunnel is up, destination host unreachable

We're (us & our consultants)able to see others end of the tunnel but they (consultants) are not able to reach the hosts they're after. What could have gone wrong as it use to work before. We've never done any changes to the firewall settings? What kind of a problem is this and how do I resolve it if it's firewall related? Note that the hosts the clients are trying to reach up and PINGable.

3 REPLIES
Community Member

Re: vpn tunnel is up, destination host unreachable

Please help. My query is posted above. The VPN tunnel is up. I can see my peer. But the hit counts to my internal hosts are on 0. My consultants can't access these hosts. Where do you think the problem will be? Is it on the firewall, routing or the hosts themselves? Please help!

Community Member

Re: vpn tunnel is up, destination host unreachable

It's hard to diagnose without some configs, but I DO NOT recommend posting your configs here.

My suggestion is to turn on logging on the client and your firewall (PIX, ASA or ?). You might get a clue if the firewall is dropping packets. Otherwise, I would suspect a routing problem.

Here are my questions:

Are you using split-tunneling? Do the hosts have a route back to the VPN users? Are there some ACLs on the inside interface of the firewall? Do you see the client traffic on the next hop router after the firewall?

Ron

Green

Re: vpn tunnel is up, destination host unreachable

You can post your configs, just remove passwords, public ip's etc.

1785
Views
0
Helpful
3
Replies
CreatePlease to create content