05-24-2007 02:11 AM - edited 02-20-2020 09:39 PM
Hello,
I have a Cisco 850 running 12.4(2) with an existing L2L tunnel to another Cisco router. I am trying to add remote access to the Cisco 850 and I'm having what I believe is an ACL or NAT issue. I can connect to the 850 with the VPN client and get an address from the pool, but I cannot ping in the internal network. Any help is appreciated. Here is my config:
05-24-2007 08:02 AM
Your NAT ACL 101 needs to deny IP from internal IP to remote VPN pool 10.2.199.x.
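The NAT exemption described in the answer above, as an added example that is not part of the original thread or the poster's configuration. It assumes the VPN pool is 10.2.199.0/24 and that ACL 101 currently holds a single permit entry at the default sequence number 10; the original config is not shown on the page.

```cisco
! Added example. Assumed: pool 10.2.199.0/24, ACL 101 has one entry at
! sequence 10, and ACL 101 is the list referenced by the NAT overload rule.
!
! Before: every packet sourced from the LAN matches the permit and is
! translated, including replies headed back to VPN clients.
!   access-list 101 permit ip 10.203.0.0 0.0.0.255 any
!
! Entering "access-list 101 deny ..." in global config would append the
! deny AFTER the permit, where it is never reached (first match wins).
! Insert it ahead of the permit by sequence number instead.
ip access-list extended 101
 5 deny ip 10.203.0.0 0.0.0.255 10.2.199.0 0.0.0.255
!
! Resulting order of ACL 101:
!   5  deny   ip 10.203.0.0 0.0.0.255 10.2.199.0 0.0.0.255
!   10 permit ip 10.203.0.0 0.0.0.255 any
```

After the change, `show access-lists 101` should list the deny first, and `show ip nat translations` should show no new entries for destinations in the pool.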
05-24-2007 04:36 PM
Palomoj,
Thanks, that has me pointed in the right direction. I can now get replies to ping, but the replies are coming from the external IP of the router, not the 10.203.0.0 devices I am pinging on the LAN. Any more suggestions? Thanks again.
05-24-2007 09:15 PM
config t
access-list 111 permit ip 10.203.0.0 0.0.0.255 any
crypto isakmp client configuration group doctors
 acl 111
05-25-2007 02:05 PM
Thanks Palomoi, that did it. Your help is appreciated.