topic Routing troubles behind VPN3000 in Network Security https://community.cisco.com/t5/network-security/routing-troubles-behind-vpn3000/m-p/282933#M1059844 <P>Hello,</P><P></P><P>I use vpn3000 with one connection group and an ACS server for users authentication (with RADIUS). There are two groups configured in ACS with different IP pools (10.20.1.x and 10.20.2.x). Private interface of the VPN3000 is configured with 10.7.2.1 and is connected to a 3550.</P><P>If a VPN client connects to the concentrator that gets him a 10.20.x.y IP, he can't ping the switch.</P><P>If I configured a 'test user' to get a 10.7.2.x IP, I can ping all the network...</P><P></P><P>I configured the 3550 port with:</P><P> interface FastEthernet0/5</P><P> switchport mode access</P><P> switchport access vlan 8</P><P></P><P> interface vlan 8</P><P> ip address 10.7.2.254 255.255.255.0</P><P> ip address 10.20.1.254 255.255.255.0 secondary</P><P> ip address 10.20.2.254 255.255.255.0 secondary</P><P></P><P>and in vpn3000 for default gateway 10.7.2.254 and tunnel gateway 10.7.2.254..</P><P>I want then to have a vlan for each IP pools configured in ACS...</P><P>Any one could help me to resolve this trouble ?? </P><P></P><P>Thank you</P> Fri, 21 Feb 2020 07:31:54 GMT gauthraj 2020-02-21T07:31:54Z Routing troubles behind VPN3000 https://community.cisco.com/t5/network-security/routing-troubles-behind-vpn3000/m-p/282933#M1059844 <P>Hello,</P><P></P><P>I use vpn3000 with one connection group and an ACS server for users authentication (with RADIUS). There are two groups configured in ACS with different IP pools (10.20.1.x and 10.20.2.x). Private interface of the VPN3000 is configured with 10.7.2.1 and is connected to a 3550.</P><P>If a VPN client connects to the concentrator that gets him a 10.20.x.y IP, he can't ping the switch.</P><P>If I configured a 'test user' to get a 10.7.2.x IP, I can ping all the network...</P><P></P><P>I configured the 3550 port with:</P><P> interface FastEthernet0/5</P><P> switchport mode access</P><P> switchport access vlan 8</P><P></P><P> interface vlan 8</P><P> ip address 10.7.2.254 255.255.255.0</P><P> ip address 10.20.1.254 255.255.255.0 secondary</P><P> ip address 10.20.2.254 255.255.255.0 secondary</P><P></P><P>and in vpn3000 for default gateway 10.7.2.254 and tunnel gateway 10.7.2.254..</P><P>I want then to have a vlan for each IP pools configured in ACS...</P><P>Any one could help me to resolve this trouble ?? </P><P></P><P>Thank you</P> Fri, 21 Feb 2020 07:31:54 GMT https://community.cisco.com/t5/network-security/routing-troubles-behind-vpn3000/m-p/282933#M1059844 gauthraj 2020-02-21T07:31:54Z Re: Routing troubles behind VPN3000 https://community.cisco.com/t5/network-security/routing-troubles-behind-vpn3000/m-p/282934#M1059845 <HTML><HEAD></HEAD><BODY><P>A similar configuration example using RADIUS for user authentication is available at <A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a00800a3b88.shtml" target="_blank">http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a00800a3b88.shtml</A>. Hope that helps.</P></BODY></HTML> Mon, 02 Aug 2004 12:59:09 GMT https://community.cisco.com/t5/network-security/routing-troubles-behind-vpn3000/m-p/282934#M1059845 drolemc 2004-08-02T12:59:09Z