Thanks for your post. From your description, three things come to my mind.
1. As your VPN client address pool will differ from the internal subnet(s), you may not have included this subnet in your NAT exempt statement(s), so it'll be unable to traverse the site to site tunnel between Site-A and Site-B.
2. You have not permitted the client VPN pool subnet across the tunnel in the access control lists.
3. It could be a routing issue, however I highly doubt this, my money is on the issue being related to one of the above issues. Without seeing your configuration I cannot be sure.
Please have a look at the above points raised and check your configurations closely. Remember to check both sides, as the traffic needs to be allowed back in return from Site-A for this all to work.
If you are still having issues, please post a sanitised configuration (show run) from both Site-A and Site-B so I can get a better understanding of your environment. Hopefully we can resolve this fairly briefly.
I look forward to hearing back.
Thanks,
Luke
Please rate helpful posts and mark correct answers.
Thanks for your post. From your description, three things come to my mind.
1. As your VPN client address pool will differ from the internal subnet(s), you may not have included this subnet in your NAT exempt statement(s), so it'll be unable to traverse the site to site tunnel between Site-A and Site-B.
2. You have not permitted the client VPN pool subnet across the tunnel in the access control lists.
3. It could be a routing issue, however I highly doubt this, my money is on the issue being related to one of the above issues. Without seeing your configuration I cannot be sure.
Please have a look at the above points raised and check your configurations closely. Remember to check both sides, as the traffic needs to be allowed back in return from Site-A for this all to work.
If you are still having issues, please post a sanitised configuration (show run) from both Site-A and Site-B so I can get a better understanding of your environment. Hopefully we can resolve this fairly briefly.
I look forward to hearing back.
Thanks,
Luke
Please rate helpful posts and mark correct answers.
No problem, however you are going to have to help me out a bit more than that - otherwise I'm going at this blind.
I'd suggest double and triple checking as per my suggestions, if you cannot see anything untoward yourself then please post the sanitised configuration from both Site-A and Site-B.
Thanks,
Luke
Please rate helpful posts and mark correct answers.
Great, I'm please we got this sorted for you. Please remember to rate answers for content and mark them as correct :-)
Kind regards,
Luke Oxley
Please rate helpful posts and mark correct answers.
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
