
Unable to access LAN when connected to VPN

abdulnahas
Level 1

Hi,

We are unable to access or ping the LAN when connected to VPN. I have checked the Allow LAN access option in the Cisco VPN client. The subnet of our local LAN is 10.x.x.x. Any help on this issue will be greatly appreciated.

5 Replies

spremkumar
Level 9

Hi there,

Can you throw some more light on your connectivity setup and also post your configs for both sides? That will be helpful in analysing the problem you are currently facing.

As you mentioned, which LAN are you unable to ping: the remote end or your local LAN?

Regards

Hello,

If it is the local LAN, make sure that on the VPN concentrator, for the relevant VPN group, the following is set under Client Config in the Split Tunneling policy:

Tunnel everything, check "Allow the networks in list to bypass the tunnel", and in Split tunneling network list choose "VPN Client Local LAN (default)".

Regards,

D.

I am using a PIX 525 firewall where the VPN is terminated. Split tunneling is not configured on the firewall. Is it necessary to configure split tunneling on the firewall in order for the communication between the local LAN systems at the branch network? The IPs thrown by the VPN server belong to the 10.243.6.0 network and the local LAN at the branch has a 10.0.0.0 network. I am able to access all the resources through the VPN client on the remote network. Please help.

Regards

Nahas

My branch that is running the VPN client has a 10.0.0.0 network. I am connecting to the HO and am able to access all the resources. The IP thrown to the VPN client is from the 10.243.6.0 network. The HO has the following networks: 10.11.11.0, 10.11.2.0, 10.11.13.0, 10.11.14.0, 10.11.12.0.

I am unable to ping the local LAN in the branch on connecting to the VPN.

Any help would be appreciated.

Regards

Nahas

I think you have to enable split tunneling. On your PIX, create an access list as follows:

access-list 102 permit ip 10.11.2.0 255.255.255.0 10.243.6.0 255.255.255.0

access-list 102 permit ip 10.11.11.0 255.255.255.0 10.243.6.0 255.255.255.0

access-list 102 permit ip 10.11.12.0 255.255.255.0 10.243.6.0 255.255.255.0

access-list 102 permit ip 10.11.13.0 255.255.255.0 10.243.6.0 255.255.255.0

access-list 102 permit ip 10.11.14.0 255.255.255.0 10.243.6.0 255.255.255.0

Disable NAT between HQ and VPN:

nat (inside) 0 access-list 102

Add split tunneling to the VPN group:

vpngroup xxxxxx split-tunnel 102

This should allow you to access local resources in the remote LAN where the VPN client is located.
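
A simplified model of the VPN client's routing decision with and without the split-tunnel list from access-list 102, added here as an example and not part of any poster's reply. The branch LAN masks (/24 and /8) and the host addresses are assumptions, since the thread gives only "10.0.0.0 network", and longest-prefix matching stands in for the client's real route table.

```python
import ipaddress

# Head-office networks copied from the thread's access-list 102.
SPLIT_TUNNEL = [ipaddress.ip_network(n) for n in (
    "10.11.2.0/24", "10.11.11.0/24", "10.11.12.0/24",
    "10.11.13.0/24", "10.11.14.0/24")]


def route(dst, local_lan, split_list=None):
    """Where the VPN client sends a packet for dst: 'tunnel', 'local' or 'default'.

    split_list=None models tunnel-everything with no split tunneling.
    Otherwise the longest matching prefix wins (simplified model).
    """
    addr = ipaddress.ip_address(dst)
    if split_list is None:
        return "tunnel"
    matches = [(n.prefixlen, "tunnel") for n in split_list if addr in n]
    if addr in local_lan:
        matches.append((local_lan.prefixlen, "local"))
    if not matches:
        return "default"  # ordinary internet path, outside the tunnel
    return max(matches, key=lambda m: m[0])[1]


def overlapping(local_lan, split_list):
    """Split-tunnel entries whose address space collides with the branch LAN."""
    return [str(n) for n in split_list if n.overlaps(local_lan)]


if __name__ == "__main__":
    # Assumed masks: the thread only says "10.0.0.0 network".
    for mask in ("10.0.0.0/24", "10.0.0.0/8"):
        lan = ipaddress.ip_network(mask)
        print(mask, "overlaps:", overlapping(lan, SPLIT_TUNNEL))
        for dst in ("10.0.0.25", "10.11.12.7", "192.0.2.1"):  # constructed hosts
            print("  ", dst, "no split:", route(dst, lan),
                  "| split:", route(dst, lan, SPLIT_TUNNEL))
```

With a /8 branch mask every entry in the list overlaps the LAN, so a local host numbered inside one of the listed /24s would be sent through the tunnel instead of being reached locally.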