I have very simple network
--LAN--ROUTER--INternet------VPNClient
|
|
DMZ
IP pool for the vpn client is the same like in LAN (192.168.1.0/24)
mjans001 wrote:
> Last time iot worked for me I used another private range (than i use in
> the lan) for the vpn clients, and had to triple check my access-lists,
> especially the one that encrypts from lan to vpn client. Make sure that
> your vpn headend (2600) is the default gateway for that vpn client lan,
> or give away a static route per server.
>
> Martijn
>
> -----Oorspronkelijk bericht-----
> Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens Jacek
> Malinowski
> Verzonden: maandag 16 december 2002 22:53
> Aan: [EMAIL PROTECTED]
> Onderwerp: Re: VPN Client+IOS [7:59283]
>
>
> I have 4 interfaces:
> Serial 0/1 - public IP for example 1.1.1.1
> fast 0/1 -public IP for example 2.2.2.2
> fast 0/0 -LAN IP : 192.168.1.1/24
> My ip address pool for VPN : 192.168.1.170-192.168.1.190
> On VPN padlock i haver Ip address from router for example 192.168.1.170
> but I can't ping any address on LAN.
> I don't know I am using the newest VPN Client :
> vpnclient-win-is-3.6.3.Rel-k9
> I have ip nat inside on Fast 0/0 and outside on ser 0/1 but without
> doesn't work to :(.
>
> Ben Woltz wrote:
>
>>The IP address that your VPN Client gets from the router, are you
>>advertising that route through your network?
>>
>>""JM"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>>
>>
>>>Hello
>>>I am trying to run VPN beetwen VPN Client 3.6.2.A and Cisco 2651. On
>>>Cisco router I have: Software with 3DES/IP PLus/FW/IDS - Version
>>>12.2(11)T2 Router has 4 interfaces:
>>>serial 0/1 - Internet here I gave cryptomap
>>>fasteth 0/1 -DMZ
>>>fasteth 0/0 -LAN ( here I want to be tgrough VPN)
>>>I have the same configuration like in TAC help :
>>>http://www.cisco.com/warp/customer/471/ipsecrouter_vpn.html
>>>VPN Client can login inside router, and I have ipaddress from router,
>>>but I don't see anything. I can't ping.
>>>I have question ?
>>>Where am Im inside the router ? I am in, but I don't see anything.
>>>When I will have : ip access-list out on fast0/0 (LAN) what should I
>>>enable ? I have nat inside on fast 0/0 and outside on ser 0/1
>>>Regards
>>>JM
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59357&t=59283
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
