
Cisco remote VPN issue while changing the VPN IP pool

vinodk_gupta
Level 1

Hi,

We have already implemented the Cisco client VPN service on a Cisco ASA. My Cisco VPN IP pool is configured as 174.26.4.0/22 and my corporate network pool is 172.26.4.0/22, which is working perfectly.

My concern is that the VPN pool 174.26.4.0/22 falls within the public range, so I want to change this pool to a private range (172.30.100.0/24).

So I changed the configuration as below.

no access-list nonat extended permit ip 172.26.4.0 255.255.252.0 174.26.4.0 255.255.252.0
no ip local pool testpool 174.26.4.0-174.26.4.253

access-list nonat extended permit ip 172.26.4.0 255.255.252.0 172.30.100.0 255.255.255.0
ip local pool testpool 172.30.100.1-172.30.100.254

After the change, I am able to connect to the VPN and the VPN machine got the IP address 172.30.100.1.

During the VPN connection, the VPN machine (172.30.100.1) can be pinged from the corporate network and I can even take a remote session to it, but from the VPN machine (172.30.100.1) I am not able to ping the corporate network.

For your information, I have added the route on the corp machine towards the ASA inside, as we were doing earlier.

I am not able to understand where my mistake is.

I am attaching the existing config; the public IPs and the NAT commands for the servers have been removed for security purposes.

Please help us

Regards

vinod Gupta

9810966625
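The following is an added example, not part of the original posts and not Cisco tooling: a Python check that parses the `ip local pool` and `access-list nonat` lines quoted above and reports, for each pool, whether it lies in RFC 1918 space and whether a nonat entry's destination covers it. The function name `audit_pools` is hypothetical and the two sample configs are constructed from the lines in the post; the check does not diagnose the ping problem itself.

```python
import ipaddress
import re

# Constructed sample: the pool and nonat lines quoted in the post (old and new).
OLD_CONFIG = """\
access-list nonat extended permit ip 172.26.4.0 255.255.252.0 174.26.4.0 255.255.252.0
ip local pool testpool 174.26.4.0-174.26.4.253
"""
NEW_CONFIG = """\
access-list nonat extended permit ip 172.26.4.0 255.255.252.0 172.30.100.0 255.255.255.0
ip local pool testpool 172.30.100.1-172.30.100.254
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
POOL_RE = re.compile(r"^ip local pool (\S+) (\S+)-(\S+)")
ACE_RE = re.compile(r"^access-list (\S+) extended permit ip (\S+) (\S+) (\S+) (\S+)")


def audit_pools(config, acl_name="nonat"):
    """Return {pool_name: {"private": bool, "nonat_covered": bool}} (hypothetical helper)."""
    pools, ace_dsts = {}, []
    for line in config.splitlines():
        line = line.strip()
        m = POOL_RE.match(line)
        if m:
            first, last = (ipaddress.ip_address(a) for a in m.group(2, 3))
            # Smallest set of CIDR blocks that exactly spans the pool range.
            pools[m.group(1)] = list(ipaddress.summarize_address_range(first, last))
            continue
        m = ACE_RE.match(line)
        if m and m.group(1) == acl_name:
            # Destination network and mask of the NAT-exemption entry.
            ace_dsts.append(ipaddress.ip_network(f"{m.group(4)}/{m.group(5)}"))
    report = {}
    for name, blocks in pools.items():
        report[name] = {
            "private": all(any(b.subnet_of(p) for p in RFC1918) for b in blocks),
            "nonat_covered": all(any(b.subnet_of(d) for d in ace_dsts) for b in blocks),
        }
    return report


if __name__ == "__main__":
    for label, cfg in (("old", OLD_CONFIG), ("new", NEW_CONFIG)):
        print(label, audit_pools(cfg))
```
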


alex.tulio
Level 1

Configure your IP pool as 172.26.4.1-172.26.4.50; you just need to get a chunk in your /22 network for your VPN client pools. Then you should be able to ping your corporate LAN.

Sent from Cisco Technical Support iPhone App
