
Cisco to WatchGuard VPN Tunnel Can't Ping machines only the routers


Reading this post has led me to believe I have an IP route issue.

Cisco 1921 ->  Machine on

WG T20 -> Machine on

WG can ping the machine and vice versa. Same with Cisco. Neither can ping the other network. I had ip route set up early on that was XX.XXX.253.97 (which is the gateway of the ISP modem) and I have no idea why I did that. When that was used I was able to at least get a ping response from the other router's IP. I could ping from machine @ as well as the other way around. I was not able to ping the opposing machine though. What I need is basically all traffic from 192.168 network to go to the 10.0 network. This specific setup is for testing. I simply need to be able to send data from the 192 network to the machine @ I have attached the Cisco config.

Any help would be appreciated. I am a networking noob.

Accepted Solutions

@WizJ not talking about blocking traffic, but you need to explicitly permit traffic over the VPN - it's important as the configuration on the other end needs to mirror the ACL configuration.

# Crypto map ACL to encrypt traffic from to network.
access-list 101 permit ip

# NAT ACL - NAT traffic to the internet and to ensure traffic from to over the VPN is not translated
access-list 102 deny ip
access-list 102 permit ip any
ip nat inside source list 102 interface GigabitEthernet0/0 overload

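The ordering rule in the accepted solution (every flow the crypto map ACL encrypts must hit a deny in the NAT ACL before any permit) can be checked mechanically; the following is an added example, not code from the original thread. The function names and the sample subnets are assumptions constructed for illustration, since the thread's real addresses are not shown.

```python
import ipaddress
import re

# Constructed sample config; the subnets are placeholders, not values from the thread.
SAMPLE_GOOD = """\
access-list 101 permit ip 192.168.1.0 0.0.0.255 10.0.0.0 0.0.0.255
access-list 102 deny ip 192.168.1.0 0.0.0.255 10.0.0.0 0.0.0.255
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
ip nat inside source list 102 interface GigabitEthernet0/0 overload
"""
# Same config with the NAT exemption (deny) line missing.
SAMPLE_BAD = "\n".join(l for l in SAMPLE_GOOD.splitlines() if " deny " not in l)

ACE = re.compile(r"^access-list (\d+) (permit|deny) ip (.+)$")

def _take_net(tokens):
    """Consume one address spec ('any', 'host A' or 'A WILDCARD') from tokens."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    wildcard = int(ipaddress.IPv4Address(tokens.pop(0)))
    netmask = ipaddress.IPv4Address(wildcard ^ 0xFFFFFFFF)  # wildcard = inverted netmask
    return ipaddress.ip_network(f"{first}/{netmask}", strict=False)

def parse_acls(config):
    """Return {acl_number: [(action, src_net, dst_net), ...]} in config order."""
    acls = {}
    for line in config.splitlines():
        m = ACE.match(line.strip())
        if m:
            tokens = m.group(3).split()
            src = _take_net(tokens)
            dst = _take_net(tokens)
            acls.setdefault(m.group(1), []).append((m.group(2), src, dst))
    return acls

def translated_vpn_flows(config, crypto_acl="101", nat_acl="102"):
    """List crypto-ACL flows whose first covering NAT-ACL entry is a permit."""
    acls = parse_acls(config)
    bad = []
    for action, src, dst in acls.get(crypto_acl, []):
        for nat_action, nsrc, ndst in acls.get(nat_acl, []):
            if action == "permit" and src.subnet_of(nsrc) and dst.subnet_of(ndst):
                if nat_action == "permit":  # first match wins: flow would be NATed
                    bad.append((str(src), str(dst)))
                break
    return bad
```

A non-empty result means tunnel traffic would be translated to the outside interface address before encryption, so it would no longer match the crypto map ACL.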
