06-05-2018 05:37 AM - edited 03-08-2019 03:15 PM
I am almost entirely sure my problem is a lack of understanding but hopefully someone can't point me in the right direction.
Below is my lab at work that I am doing some testing trying to get my VPN to work. Everything so far works well but a problem I am running into is that Router 2 and my VPN router (which is connected to router 2) are unable to ping the internet. Currently Router 1 is performing NAT on the interface that the WAN is coming into (DHCP). Also it should be noted that there is no tunnel up at this time as I figured a good first step would be getting all the routers access to the WAN. The 3550 and Router 1 both work fine.
I'm trying to wrap my head around access-lists so currently on Router1 I have it permit any just to rule out and misconfiguration.
Thanks!
Solved! Go to Solution.
06-05-2018 07:44 AM
So I think I understand the diagram and what you are trying to accomplish. When you say you can't ping the Internet from R2 or the VPN router i assume that is the Internet cloud or the Archer 750. Regardless, I assume those devices only know of R1's F0/0 DHCP address. Perhaps if you also put "ip nat inside" on the S0/0 interface of R1 you may be able to ping?
06-05-2018 07:44 AM
So I think I understand the diagram and what you are trying to accomplish. When you say you can't ping the Internet from R2 or the VPN router i assume that is the Internet cloud or the Archer 750. Regardless, I assume those devices only know of R1's F0/0 DHCP address. Perhaps if you also put "ip nat inside" on the S0/0 interface of R1 you may be able to ping?
06-05-2018 08:01 AM
You hit the nail on the head.
I noticed it in my config and had a ohhhh right moment. Not to bring things off topic but would making a vpn and having it go through nat require a change in the nat rules?
06-05-2018 08:35 AM
I don't see where the VPN gets NATed in the diagram. Is the VPN from R2 to the Internet?
06-05-2018 08:44 AM
I thought because the internet was coming in through the Router 1 and being NAT'd that it might in someway affect making a tunnel from a device that's not directly connected to that router.
Does that make sense?
06-05-2018 11:58 AM
So the tunnel connection from the VPN router goes through R1 to the Internet?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide