10-06-2014 08:20 AM
Hello everyone,
We are setting up a Remote access VPN from our end user machine to cisco 2900 series router, till now we are able establish the VPN tunnel and can access all the local IP's of the router. but when we try accessing the internal subnet/ the network device IP where the router is connected , it seems to be not reachable.
Few observations are listed here :-
1. On VPN client statistics window , Encryption counter seems to be increasing but the decryption count becomes stable when we try to ping other networks through the VPN.
2. The routing is proper at the internal network.
3. ACL also seems to be correct.
expecting you suggestions ...!
Thanks in Advance :)
10-06-2014 10:33 PM
Please provide configuration of the devices.
IOS version used on the Router
Please check your access-list also check whether the internal subnet and device ip subnet is allowed .
if possible provide us an diagram of what and how are you trying to access.
Pothen
10-17-2014 01:49 AM
Hi Pothen,
Thanks for the reply , due to security reason we unable to share the config. but as per the analysis by OEM the config seems to be fine . but once they disabled the CEF on the inside interface backbone accessibility went fine.
Now we are trying to do the hair pinning by allowing RA users to get through the S-2-S tunnel . but it is not happening as expected . Since we are doing the dynamic Natting for both RA and LAN users on the loopback adapter of the router we are not seeing any traffic count which comes from RA VPN clients.
Do you have any suggestion for this .:)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide