Solved: It's definitely a problem - Page 2

hdoramane · ‎10-03-2014

Hi,

I have a strange problem with remote vpn client, I can connect with client vpn but access to LAN servers

It's seems like a problem with NAT Rules because the vpn traffic must not be translated, I did all changes but still not work

Otherwise, what's about the order of NAT-Rules?

If you can see with attached configs, thanks for any idea

hdoramane · ‎10-06-2014

thanks for your time & help

I'll do test tomorrow onsite and lets you know

thx again

hdoramane · ‎10-07-2014

It's definitely a problem with default gateway of servers!

It's works now!

thanks for all your help & assistance

much appreciated

ghostinthenet · ‎10-06-2014

Obviously I shouldn't answer questions before coffee. I was mixing up the "acl" statement with the "access-restrict" statement. We'll definitely need to put that back. Before you do, let's delete ACL 100 and redefine it as "access-list 100 permit ip 192.168.10.0 0.0.0.255 any" with no other lines... just to simplify.

The fact that you're able to ping 192.168.10.1 from the VPN tells me that we're doing alright there. Return traffic from LAN hosts should follow the default gateway path and reach the VPN clients, but that's not happening. Let's turn on the proxy arp on the VLAN 10 interface and see if that makes a difference. It shouldn't matter if 192.168.10.1 is the default gateway, but the fact that the virtual template is anchoring on VLAN 10 makes me think this might be a factor.

problem access LAN with remote vpn client 5.x on Router 800