Solved: Re: Access LIST VPN ISSUE - Page 2

soufiane.Max · ‎06-02-2022

hello everyone.

please can you check my code maybe i forget something , my VPN IS WORKING FINE when i remove this command but i can't access internet :

ip nat inside source list 105 pool POOL-NAT-LAN overload

my code

interface GigabitEthernet1

CONNECT TO OUTSIDE WAN

ip address 192.168.123.1 255.255.255.0

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

crypto map CRYPTOMAP

!
interface Vlan1

description $ETH_LAN$

ip address 192.168.117.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

ip default-gateway 192.168.123.254

ip nat pool POOL-NAT-LAN 192.168.123.110 192.168.123.200 netmask 255.255.255.0 ip nat inside source route-map nonat interface GigabitEthernet1 overload

ip route 0.0.0.0 0.0.0.0 192.168.123.254 ! !

route-map nonat permit 1

match ip address 105 !

access-list 101 permit ip 192.168.117.0 0.0.0.255 192.168.1.0 0.0.0.255

access-list 101 deny ip 192.168.117.0 0.0.0.255 any

access-list 105 permit ip 192.168.117.0 0.0.0.255 any

access-list 105 deny ip 192.168.117.0 0.0.0.255 192.168.1.0 0.0.0.255

when i try to ping my lan network 192.168.117.1 the ping is too long with HIGH ping Value see the screen in attachement .

and when i put back this command :

ip nat inside source list 105 pool POOL-NAT-LAN overload

i can ping internet 1.1.1.1 and my vpn traffic but too slow... and after some ping i lost completly connection my lan network ?

have you any idea ?

Thank you

soufiane.Max · ‎06-03-2022

hello dear thank you for you reply.

if you see my current topology i have only one isp router

MHM Cisco World · ‎06-03-2022

ip nat inside source route-map nonat interface Giga1 overload 
 ip route 0.0.0.0 0.0.0.0 giga1
!
 access-list 110 deny   ip lan lan-remote
 access-list 110 permit ip lan any
 !
 route-map nonat permit 10
  match ip address 110

soufiane.Max · ‎06-12-2022

I m sorry to be late. I reseted my router 3 times. And now he isw working fine with my first configuration. I dont know why the first time i setted the configuration the router was unable to connect to vpn and internet on the same time. acces list was setted correctly. I m using my first configuration without any change. Thank you for your assistance guy's maybe my router is faulty.. all your answer was helpful.