04-07-2010 06:27 AM
Hi ,
I have been using easy VPN for a long time, but without split tunneling. Last Monday, I made a change in Easy VPN connection and add split-tunnelling properties. I configured all my access succesfully, but site-to-site VPN tunnels. I added other site internel IP subnet and peer IPs, but still cannot reach.
I want to reach other site over Easy VPN, because I was able to reach before split tunnelling operation.
What should I check , or what else will I do ?
Any help greatly appreciated..
Regards.
04-07-2010 06:36 AM
Hi,
EzVPN could cause problems with split tunneling if in client mode.
Do you have EzVPN in network or client mode?
To check the Site-to-Site problem can you post the configs?
Federico.
04-07-2010 06:52 AM
Sorry, But I dont have any oppurtunity about using EzVPN , because site-to-site VPN connection links our company to another company. The other company uses Checkpoint for firewall. That's why I cannot use EzVPN tech for this situation.
But I thought that If I added the other company's internal network subnet to split tunnel IPs , It went over the site-to-site tunnel.But it did not.
So I added more like peer IP of other company but it is not still working.
I dont want to change my site-to-site configuration because of other company's approach of IT problem.
Thanks.
04-07-2010 08:25 AM
Sure, it should work with no problems.
Could you post the configuration from your side?
Federico.
04-07-2010 12:51 PM
04-13-2010 12:39 PM
Ok,
The Site-to-Site tunnel should be established from the PIX to IP A.B.17.252.
The interesting traffic is the traffic defined in access-list outside_cryptomap_20_1 (from any source to 192.168.5.0/24)
If 192.168.5.0/24 is indeed the network that you're trying to reach, then you should add this statement:
access-list inside_nat0_outbound permit ip any 192.168.5.0 255.255.255.0
This command:
route inside 192.168.5.0 255.255.255.0 172.16.0.2 1
Is sending traffic to 192.168.5.0/24 to the inside, which is incorrect if that's the other site's subnet.
Federico.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide