Solved: Re: 3015 behind PIX

r.perera · ‎02-10-2005

Hi, My 3015 public interface and private interface attachd to a PIX interfaces.

Public connect to PIX DMZ1 (security 50)

Private connect to PIX DMZ2 (security 80)

My RADIUS server is at PIX inside network (security 100)

I have ACL in DMZ2 to allow all IP traffic through PIX and a STATIC (inside, DMZ2) 10.x.x.x 10.x.x.x

My VPN clients connect to the Concentrator no problem. but they cant access the internal LAN resources, with or without split tunneling

I can pin all my LAN resources from VPN 3015 concentrator.

Pls help

Regards

Ranjith

sachinraja · ‎02-13-2005

Hi Ranjith

what is the ip pool you are configuring on the VPN concentrator ? is it the same as the private IP subnet or a different one ? make sure you have proper routes to the IP pool from the inside network. try assigning a ip address from the same private subnet (since u are already able to ping from the 3015) and try accessing the applications.

let us know..

Raj

View solution in original post

sachinraja · ‎02-13-2005

Hi Ranjith

what is the ip pool you are configuring on the VPN concentrator ? is it the same as the private IP subnet or a different one ? make sure you have proper routes to the IP pool from the inside network. try assigning a ip address from the same private subnet (since u are already able to ping from the 3015) and try accessing the applications.

let us know..

Raj

r.perera · ‎02-13-2005

Hi Raj,

Yes, That was a routing issue, on the PIX I had to add the route to ip pool subnet to go via concentrator.

Thanks for your help

Regards