11-28-2012 09:34 AM - edited 03-07-2019 10:17 AM
All,
i was able to setup split tunneling and phase 1 is successful however, i am unable to ping any subnet that is being NAT. therefore, trying to figure out how do i allow any VPN connection with a 192.168.20.X address can ping i.e 192.168.10.X.
Solved! Go to Solution.
11-28-2012 10:10 AM
You'll want to deny those addresses in the nat acl like
Deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
Do this on both ends. The source address for the acl should be on the box that you're doing this on. For instance, if you're putting the acl in the 192.168.10.x router, then you'd put the acl above.
Hth,
John
Sent from Cisco Technical Support iPhone App
11-28-2012 10:10 AM
You'll want to deny those addresses in the nat acl like
Deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
Do this on both ends. The source address for the acl should be on the box that you're doing this on. For instance, if you're putting the acl in the 192.168.10.x router, then you'd put the acl above.
Hth,
John
Sent from Cisco Technical Support iPhone App
11-28-2012 11:01 AM
thanks that worked
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide