Routing from VPN to LAN Subnet

Michael_CE
Level 1

Hello

I configured an L2TP/IPsec VPN and can successfully connect to it.

My problem is the routing from the VPN subnet to the LAN subnet.

Config quick overview:

interface GigabitEthernet0 (LAN)
 ip address 10.10.64.12 255.255.254.0

interface GigabitEthernet8 (WAN)
 ip address 192.168.1.5 255.255.254.0
 crypto map CRYP_MAP  (to allow VPN dial-in)

interface Loopback0 (interface used for VPN)
 ip address 192.168.64.1 255.255.255.0

interface Virtual-Template1
 ip unnumbered Loopback0
 peer default ip address pool VPNPOOL
 ppp mtu adaptive
 ppp authentication ms-chap-v2

ip local pool VPNPOOL 192.168.64.10 192.168.64.19

After the VPN connection is established, I get a 192.168.64.1x IP on the VPN client computer as desired.

Connections to 192.168.64.1 work fine.

Now I want to connect to devices in the LAN subnet (e.g. 10.10.64.30) from the VPN client computer.

This does not work currently, probably because some static routing configuration is necessary.

What is the easiest way to make connections from the VPN client computer to devices in the LAN subnet possible?

Kind regards

Michael

12 Replies

Sergey Lisitsin
VIP Alumni

Michael,

Firstly, I would check your VPN client and make sure it gets a default gateway assigned. Then the devices on the LAN: do they use the same router (VPN endpoint) as a default gateway?

Hi

In Windows the "Use default gateway on remote network" option is enabled in the VPN adapter config, therefore Windows routes connections to the VPN if they are not reachable in the local network.

As default gateway I get the IP 0.0.0.0 on the VPN adapter; this is the normal behaviour of the Windows integrated L2TP VPN client according to my research.

My guess is that it cannot work without any ip route or even NAT configs on the Cisco router.

Just looking for the simplest way to configure that.

The devices in the LAN do not use any router; it is an isolated network with devices just communicating with each other.

There will be no LAN -> WAN connections.

Just connections from the VPN (connected through the router's WAN interface) to devices in the LAN should be possible.

 

Hello,

it looks like your local pool is in the same address space as your WAN? Typically, your local pool should be in the same address space as your LAN, 10.10.64.0 255.255.254.0 in your case.

Can you try and change the local pool to e.g.:

ip local pool VPNPOOL 10.10.64.50 10.10.64.65

Hi Georg

The VPN pool address space is 192.168.64.10 to 192.168.64.19.

The WAN is 192.168.1.xxx

The LAN is 10.10.64.xxx

I want to use non-overlapping address spaces for all 3 interfaces: LAN, WAN and VPN.

This should be possible, shouldn't it?

Some kind of routing from the VPN's 192.168.64.0 network to the LAN's 10.10.64.0 network.

Do your LAN clients have a default gateway set to the LAN interface IP on the router?

Jon

Hi Jon

The devices in the LAN network do not have a default gateway configured, because they do not communicate with devices outside the local network.

It is a completely isolated Ethernet network (with its own switches) with a PBX and IP phones connected.

The Cisco router should act as VPN access to that network so that I can administer the PBX from my computer connected to the WAN network with an established VPN connection to the Cisco router.

It is not desired to change the TCP/IP settings of the devices in the LAN network.

The Cisco router is physically connected to this isolated Ethernet network with its LAN interface and it has an IP of the LAN's subnet on that interface.

I can ping devices in the LAN network from the router's terminal.

Therefore the connection router <-> LAN network clearly works.

Also the VPN connection to the Cisco router from the WAN network works.

I just need to bring these two together; some steps for the connection VPN -> LAN network are necessary.

ip route config? NAT config?

Thanks in advance.

Michael,

If your devices on the LAN don't have a default gateway, then no wonder they can't communicate with other networks. The VPN pool is a different network, so you can't have any communication between them if you don't have routing in place. Now if you can't modify the network settings on your PCs in the LAN, then the only solution is to use NAT. Translate VPN pool addresses into the LAN interface address at the VPN gateway router and you should get communication. However, it will only work if initiated from the VPN into the LAN, not the other way round.

 

Hi Sergey

Thanks for clarifying, so the way I have to go is NAT.

It is perfectly fine that it will only work if initiated from the VPN into the LAN.

Now the main question:

What is the simplest way to configure this VPN->LAN NAT?

Michael,

Configure your LAN interface as NAT outside and your virtual template interface as NAT inside. Then create a NAT binding for your VPN pool using overload. It would look something like this:

config t
! LAN side: the translated (outside) address 10.10.64.12 lives here
interface GigabitEthernet0
 ip nat outside
! VPN side: the PPP sessions from Virtual-Template1 are the inside hosts
interface Virtual-Template1
 ip nat inside
! Only sources in the VPN pool's subnet are eligible for translation
ip access-list standard ACL-NAT
 permit 192.168.64.0 0.0.0.255
 exit
! PAT every VPN client to the GigabitEthernet0 address with port overload
ip nat inside source list ACL-NAT interface GigabitEthernet0 overload
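As an added illustration (not from the thread and not Cisco IOS code), a small Python model of the forwarding decisions Sergey describes: LAN devices with no default gateway can only reply to on-link addresses, so translating every VPN client to the router's own LAN address (the overload rule above) makes VPN-initiated sessions work, while a LAN-initiated session still finds no translation entry and is dropped. The PBX port 443, the client source port 50000 and the starting translation port 1024 are constructed values.

```python
import ipaddress

# Constructed topology from the thread: LAN 10.10.64.0/23 (hosts have no default
# gateway), VPN pool inside 192.168.64.0/24 (the ACL-NAT subnet), router LAN
# address 10.10.64.12 (GigabitEthernet0, the interface named in the overload rule).
LAN_NET = ipaddress.ip_network("10.10.64.0/23")
VPN_NET = ipaddress.ip_network("192.168.64.0/24")
ROUTER_LAN_IP = "10.10.64.12"


def lan_host_can_reply(dst_ip):
    """A LAN device with no default gateway can only send to on-link addresses."""
    return ipaddress.ip_address(dst_ip) in LAN_NET


class PatRouter:
    """Minimal model of 'ip nat inside source list ... interface gi0 overload'."""
    def __init__(self):
        self.table = {}     # (inside_ip, inside_port) -> router port
        self.reverse = {}   # router port -> (inside_ip, inside_port)
        self.next_port = 1024  # constructed starting port for PAT

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Inside (VPN) -> outside (LAN). Returns the translated 4-tuple, or None."""
        if ipaddress.ip_address(src_ip) not in VPN_NET:
            return None  # not matched by ACL-NAT, so no translation entry is built
        key = (src_ip, src_port)
        if key not in self.table:
            self.table[key] = self.next_port
            self.reverse[self.next_port] = key
            self.next_port += 1
        return (ROUTER_LAN_IP, self.table[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Outside (LAN) -> inside (VPN). Only packets matching an entry get through."""
        if dst_ip != ROUTER_LAN_IP or dst_port not in self.reverse:
            return None  # no entry: a LAN device cannot initiate a session to a VPN client
        inside_ip, inside_port = self.reverse[dst_port]
        return (src_ip, src_port, inside_ip, inside_port)


def vpn_to_lan_session(router, client_ip, pbx_ip="10.10.64.30", pbx_port=443):
    """One request from a VPN client to the PBX and the PBX's reply; True if both pass."""
    fwd = router.outbound(client_ip, 50000, pbx_ip, pbx_port)  # 50000: constructed port
    if fwd is None:
        return False
    if not lan_host_can_reply(fwd[0]):  # the PBX only ever sees the router's LAN address
        return False
    rev = router.inbound(pbx_ip, pbx_port, fwd[0], fwd[1])
    return rev == (pbx_ip, pbx_port, client_ip, 50000)
```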

 

Hi Sergey

Super, now it works the way I want.

Connections from the VPN to the devices in the LAN are possible now.

Thank you very much! :-)

Michael,

You are welcome :)

Hello,

since you are using private address space on the WAN interface (192.168.1.0) I assume this is some kind of test environment and not a real, live router connected to the Internet? And if so, what are you testing with, real equipment or a simulator?
