11-16-2007 10:18 AM - edited 02-21-2020 03:23 PM
I just walked into this job halfway through a changeover from a software firewall to the Cisco box. The config on this thing is crazy. I need help!
I need to get a client VPN from outside to inside so the IT dept. can access the network hardware. Then we'll add some static VPNs for other devices.
Anyway, I've tried everything, even the wizard on a dev box, to figure out what is keeping me from accessing the network. I can establish a tunnel but cannot get anywhere.
I've included the entire config as it's poor and the problem may be any place.
Thanks for any help.
11-25-2007 09:49 PM
Hello.
It appears you have failed to NOT NAT the VPN traffic to the destined internal networks.
I'd add
access-list nat0 extended permit ip 10.125.1.0 255.255.255.0 10.0.0.0 255.0.0.0
Of course you may wish to tailor this more appropriately for the internal networks you want to access.
You should also bind the ip pool to your group-policy.
See how that goes...
Tim
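A way to check a saved config for the gap described in the answer above, as an added example that is not part of the original thread: it reports VPN address pools that no NAT-exemption ACL entry covers. It assumes pre-8.3 ASA syntax and that 10.125.1.0/24 is the client pool; the pool name `vpnpool`, the pool range, the `inside` interface and the 192.168.x entry are constructed.

```python
import ipaddress
import re

# Constructed sample config (assumed pre-8.3 ASA syntax). Only the 10.125.1.0
# access-list line added below comes from the thread; the rest is illustrative.
SAMPLE_BROKEN = """\
ip local pool vpnpool 10.125.1.10-10.125.1.50 mask 255.255.255.0
access-list nat0 extended permit ip 192.168.5.0 255.255.255.0 192.168.6.0 255.255.255.0
nat (inside) 0 access-list nat0
"""
SAMPLE_FIXED = SAMPLE_BROKEN.replace(
    "nat (inside)",
    "access-list nat0 extended permit ip 10.125.1.0 255.255.255.0 10.0.0.0 255.0.0.0\n"
    "nat (inside)",
)

IP = r"(\d+\.\d+\.\d+\.\d+)"
POOL_RE = re.compile(rf"^ip local pool (\S+) {IP}-{IP}", re.M)
NAT0_RE = re.compile(r"^nat \((\S+)\) 0 access-list (\S+)", re.M)
# Handles only "network mask network mask" entries, not any/host/object-group.
ACE_RE = re.compile(rf"^access-list (\S+) extended permit ip {IP} {IP} {IP} {IP}", re.M)


def uncovered_pools(config):
    """Return names of VPN address pools that no NAT-exemption entry matches."""
    bound = {acl for _iface, acl in NAT0_RE.findall(config)}
    nets = []
    for acl, src, smask, dst, dmask in ACE_RE.findall(config):
        if acl in bound:  # an ACL not referenced by "nat (if) 0" exempts nothing
            nets.append((ipaddress.ip_network(f"{src}/{smask}", strict=False),
                         ipaddress.ip_network(f"{dst}/{dmask}", strict=False)))
    missing = []
    for name, start, end in POOL_RE.findall(config):
        lo, hi = ipaddress.ip_address(start), ipaddress.ip_address(end)
        # The thread does not show which side of the entry is the pool,
        # so a match on either the source or the destination network counts.
        if not any((lo in s and hi in s) or (lo in d and hi in d) for s, d in nets):
            missing.append(name)
    return missing


if __name__ == "__main__":
    print("before:", uncovered_pools(SAMPLE_BROKEN))
    print("after: ", uncovered_pools(SAMPLE_FIXED))
```

Because the suggested entry uses 10.0.0.0 255.0.0.0 on one side, any pool inside 10.0.0.0/8 will count as covered, which is the reason the answer suggests tailoring the entry to the internal networks actually needed.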
11-26-2007 09:06 AM
Worked, now all I need to do is clean the mess up.