
Who Me Too'd this topic

VPN L2TP/IPSEC CAN'T CONNECT TO LOCAL NETWORK

drozen789
Level 1

Hi, I have a problem with my VPN. I can correctly establish the VPN, but I have no ping or communication with the local network. What am I missing, or what have I configured incorrectly on my router? I will share my configuration with you:

 

RT-CLOA#show running-config
Building configuration...


Current configuration : 5936 bytes
!
! Last configuration change at 11:41:03 CST Sat Oct 7 2023 by Cloa_vpn
!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname RT-CLOA
!
boot-start-marker
boot-end-marker
!
!
enable secret xxx
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization network default local
!
!
!
!
!
!
aaa session-id common
clock timezone CST -4 0
!
no ip domain lookup
ip dhcp excluded-address 192.168.70.1 192.168.70.100
ip dhcp excluded-address 192.168.70.254
!
ip dhcp pool CLOA-LAN
network 192.168.70.0 255.255.255.0
default-router 192.168.70.1
domain-name cloa.cl
dns-server 192.168.70.21 200.72.1.5 200.72.1.11
lease 2
!
!
!
login on-success log
!
!
!
!
!
!
!
subscriber templating
!
!
!
!
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group VPN-CLINICA
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 1
no l2tp tunnel authentication
!
!
!
!
crypto pki trustpoint TP-self-signed-1979736926
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1979736926
revocation-check none
rsakeypair TP-self-signed-1979736926
!
!
crypto pki certificate chain TP-self-signed-1979736926
!
license udi pid C1111-8P sn FGL2416L6PW
license boot level securityk9
no license smart enable
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
!
username xxxxx password 0 xxxxxx
!
redundancy
mode none
!
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
lifetime 3600
crypto isakmp xxxxxx address 0.0.0.0
!
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac
mode transport
!
!
!
crypto dynamic-map mymap 1
set nat demux
set transform-set myset
!
!
crypto map mymap 1 ipsec-isakmp dynamic mymap
!
!
!
!
!
!
!
interface GigabitEthernet0/0/0
ip address xxxxxxxxx 255.255.255.252
ip nat outside
negotiation auto
crypto map mymap
!
interface GigabitEthernet0/0/1
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/1/0
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!
interface GigabitEthernet0/1/3
!
interface GigabitEthernet0/1/4
!
interface GigabitEthernet0/1/5
!
interface GigabitEthernet0/1/6
!
interface GigabitEthernet0/1/7
!
interface Virtual-Template1
ip unnumbered GigabitEthernet0/0/0
ip nat inside
peer default ip address pool VPN
ppp authentication ms-chap-v2
!
interface Vlan1
description IP local 192.168.70.1
ip address 192.168.70.1 255.255.255.0
ip nat inside
!
ip local pool VPN 10.10.10.1 10.10.10.5
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip nat pool CLOA-LAN xxxxxxx xxxxxxxx netmask 255.255.255.252
ip nat inside source static tcp 192.168.70.61 22000 interface GigabitEthernet0/0/0 22000
ip nat inside source static tcp 192.168.70.21 1433 interface GigabitEthernet0/0/0 1433
ip nat inside source static tcp 192.168.70.28 8443 interface GigabitEthernet0/0/0 8443
ip nat inside source static tcp 192.168.70.21 3389 interface GigabitEthernet0/0/0 3389
ip nat inside source static tcp 192.168.70.71 8001 interface GigabitEthernet0/0/0 8001
ip nat inside source list 1 pool CLOA-LAN overload
ip route 0.0.0.0 0.0.0.0 xxxxxxxxx
!
!
access-list 1 permit 192.168.70.0 0.0.0.255
!
!
!
!
!
!
control-plane
!

!
line con 0
password xxxx
transport input none
stopbits 1
line vty 0 4
password xxxx
transport input all
!
!
!
!
!
!
end

RT-CLOA#

 

I need the VPN network to be able to access this local network on the router: 192.168.70.0/24

Please guys, help me, I have tried almost everything.

 
