I got interested in networks about a year ago. We had some spare networking kit lying around in our office and I decided to set up a lab.
I've been able to configure NAT w/ PAT on a cisco 3825.
I've got 1 access list, "Overloading" my OUTSIDE int, and a few "ip nat inside source static..." entries to handle my port forwards.
It's a very basic setup.
The router died recently, so I got a cheap replacement form ebay. Setting it all up was WAY easier than last time, so I decided to try something new.... VPN.
I'd previously had a port forward to a computer that was a VPN server, but I was able to use Cisco CCP to help me configure VPN. Yes, technically cheating for all you CLI-heads out there, so sorry-- to make you happy, I did thoroughly inspect and spent extra time appreciating the code it wanted to inject to my router.
Now, I've got VPN working, and I can access all the PC's on the LAN I'm VPN'ing to, but -- I can't access the web when connected to VPN.
I've fiddled with the access list, trying to make it ANY/ANY.
I'm not really sure what to do.
I looked around and most of the stuff out there is for a site-to-site, or PAT running on a tunnel...
My issue is pretty basic, probably. I just cant access outside when on VPN.
I'm more than willing to have another translation method.
I've attached my router config.
Can you have a look and let me know what would need changing...
ip route 10.0.0.0 255.255.255.0 XXXXX where XXXX is my external IP on my outside interface.
It's returned: "invalid next hop address (it's this router)"
I've tried entering my external static IP, no dice.
I also tried creating the route map, updating the nat statement and remving the PAT statement, but I can't seem to access two things:
1- Devices on 192.168.1.0 can't access the internet
2-Devices on VPN 10.0.0.0 CAN access the internet, but can't access other devices on 192.168.1.0
I really appriciate the help thus far. It's cool, becuase It's not all on you, and you point me in the right direction to fiddle with this and get it working. I'm a bit stuck now, so I don't know where to go from here.
What I'd really like is to have:
192.168.1.0 access to the internet via NAT or NAT w/ PAT.
10.0.0.0 access to the internet, but also access to devices on 192.168.1.0.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...