11-28-2012 09:34 AM - edited 03-07-2019 10:17 AM
All,
i was able to setup split tunneling and phase 1 is successful however, i am unable to ping any subnet that is being NAT. therefore, trying to figure out how do i allow any VPN connection with a 192.168.20.X address can ping i.e 192.168.10.X.
Solved! Go to Solution.
11-28-2012 10:10 AM
You'll want to deny those addresses in the nat acl like
Deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
Do this on both ends. The source address for the acl should be on the box that you're doing this on. For instance, if you're putting the acl in the 192.168.10.x router, then you'd put the acl above.
Hth,
John
Sent from Cisco Technical Support iPhone App
11-28-2012 10:10 AM
You'll want to deny those addresses in the nat acl like
Deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
Do this on both ends. The source address for the acl should be on the box that you're doing this on. For instance, if you're putting the acl in the 192.168.10.x router, then you'd put the acl above.
Hth,
John
Sent from Cisco Technical Support iPhone App
11-28-2012 11:01 AM
thanks that worked
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: