05-25-2018 09:30 AM - edited 03-12-2019 05:19 AM
I'm currently having major issues getting an IPSEC VPN client to work properly on an IOS router. The VPN client will connect and I can ping any interface that is on the router itself. However, I cannot communicate with anything beyond the router. I have completely removed the VPN config and rebuilt it several times. I've checked ACLS and routing. I'm not sure what the issue is here.
Per CDP the LAN layout is:
vpn client ----- Internet ---- 2851 VPN router --- csw02 ---- csw01 --- Server we need to reach (172.18.0.38)
VPN client Pool: 10.1.8.0 /24
2851 VPN Router 172.18.3.1 vlan 13
cssw02 172.18.3.230 vlan 13
cssw02 172.18.3.254 vlan 13
The trunks between the switches are DOT1Q with Vlan 13 native (172.18.3.0 /24 subnet).
Once the VPN client connects, I receive an IP of 10.1.8.10, then I can ping the router at 172.18.3.1 or any other subinterface on the router. I cannot ping beyond the router. Pings to the server on cssw01 at 172.18.0.38 fail. Pings to any SVI on the switches fail. A look in the statistics of the Cisco VPN client shows the correct secured route. I am attaching sanitized configs. I appreciate any help with this. Thank you!
06-01-2018 07:42 PM
06-02-2018 08:58 AM
The strange thing is that even though .3.254 looks good in wireshark. The vpn client does not receive the ICMP replies. Even when testing from different networks and hot spots.
I upgraded the IOS on the 2851 router yesterday and it made no difference. I also tried IPSEC over TCP port 10000 and it didn't work.
06-05-2018 02:15 PM
I really need some assistance with this. Anyone???
Update: I updated the IOS on the router and the switches - still nothing.
I moved the gateway of 172.18.3.254 from the switch to the router. - still nothing.
I tried a different router - vpn would connect, still could not reach 172.18.0.38.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide