10-03-2014 07:05 AM
Hi,
I have a strange problem with remote vpn client, I can connect with client vpn but access to LAN servers
It seems like a problem with NAT rules because the VPN traffic must not be translated. I made all the changes but it still does not work.
Otherwise, what about the order of NAT rules?
If you can see with attached configs, thanks for any idea
10-06-2014 08:35 AM
thanks for your time & help
I'll do a test tomorrow onsite and let you know
thx again
10-07-2014 01:57 AM
It's definitely a problem with default gateway of servers!
It works now!
thanks for all your help & assistance
much appreciated
10-06-2014 07:14 AM
Obviously I shouldn't answer questions before coffee. I was mixing up the "acl" statement with the "access-restrict" statement. We'll definitely need to put that back. Before you do, let's delete ACL 100 and redefine it as "access-list 100 permit ip 192.168.10.0 0.0.0.255 any" with no other lines... just to simplify.
The fact that you're able to ping 192.168.10.1 from the VPN tells me that we're doing alright there. Return traffic from LAN hosts should follow the default gateway path and reach the VPN clients, but that's not happening. Let's turn on the proxy arp on the VLAN 10 interface and see if that makes a difference. It shouldn't matter if 192.168.10.1 is the default gateway, but the fact that the virtual template is anchoring on VLAN 10 makes me think this might be a factor.