10-07-2014 04:14 AM - edited 03-04-2019 11:54 PM
Hello!
I ask your advices!
I have Cisco 881, which is connected to the Internet.
There is a VPN-tunnel on it to a host.
command "Ping" from 881 to this host is working. But from the PC behind the cisco is not going.
I see the Internet, but not the host.
That is my config:
version 15.2
!
interface Tunnel0
description --=VPN=--
ip address 10.0.0.11 255.255.255.252
tunnel source FastEthernet4
tunnel mode ipsec ipv4
tunnel destination 123.345.67.89
!
interface FastEthernet0
switchport access vlan 2
no ip address
!
interface FastEthernet4
description WAN
ip address 12.12.12.20 255.255.255.248
duplex auto
speed auto
ip nat outside
!
interface Vlan2
ip address 192.168.0.3 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip nat inside source list NAT interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 12.12.12.2
ip route 192.168.100.0 255.255.255.0 10.0.0.10
!
ip access-list extended NAT
permit ip 12.12.12.0 0.0.0.255 any
!
Thanks beforehands!
10-08-2014 07:43 AM
Everything looks good here, but the symptoms sound like the remote end is missing a return route for traffic. You should have something like this on the other router:
ip route 192.168.0.0 255.255.255.0 10.0.0.11
Can you verify that this route is present?
10-08-2014 10:15 AM
Does your tunnel show up up on show ip interface brief?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide