- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
VPN client can ping inside network but inside network cannot ping VPN client
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2016 08:56 PM
Hi
What could be the problem for this?, after connecting to VPN, the vpn client can ping the inside servers but the inside servers cannot ping the vpn client ip address.
VPN client 172.30.0.0 255.255.0.0
Inside server 10.193.0.0 255.255.0.0
------------------------------------------------
please see running config of layer3 switch
Building configuration...
Current configuration : 17984 bytes
!
! Last configuration change at 12:24:11 PST Thu Feb 11 2016 by danb
! NVRAM config last updated at 09:10:01 PST Thu Feb 11 2016 by danb
!
version 12.2
no service pad
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
no service password-encryption
!
hostname SMMKTHB001
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$3wXw$LwLNipVHsFugCzxTqdJH.1
!
!
no aaa new-model
clock timezone PST 8
system mtu routing 1500
vtp mode transparent
authentication mac-move permit
ip subnet-zero
ip routing
!
!
!
!
!
!
archive
log config
logging enable
logging size 1000
notify syslog contenttype plaintext
hidekeys
path flash:archive-config
write-memory
time-period 1440
!
spanning-tree mode rapid-pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree vlan 158 priority 4096
spanning-tree vlan 160-161,172,190,193,203 priority 0
!
vlan internal allocation policy ascending
!
vlan 10
name PRINTER
!
vlan 158
name CBNC
!
vlan 160
name RTR
!
vlan 161
name THPAL
!
vlan 172
!
vlan 190
name MANAGEMENT
!
vlan 193
name SMM
!
vlan 203
!
!
!
!
interface Port-channel1
description *** Link to SMMNLCS001 Gi0/1, Gi0/2 ***
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/1
description *** Link to SMMNLCS001 Gi0/1 ***
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable
!
interface GigabitEthernet0/2
description *** Link to SMMNLCS001 Gi0/2 ***
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable
!
interface GigabitEthernet0/3
switchport access vlan 160
switchport mode access
!
interface GigabitEthernet0/4
switchport access vlan 160
switchport mode access
!
interface GigabitEthernet0/5
switchport access vlan 160
switchport mode access
!
interface GigabitEthernet0/6
switchport access vlan 160
switchport mode access
!
interface GigabitEthernet0/7
switchport access vlan 160
switchport mode access
!
interface GigabitEthernet0/8
switchport access vlan 160
switchport mode access
!
interface GigabitEthernet0/9
switchport access vlan 161
switchport mode access
!
interface GigabitEthernet0/10
switchport access vlan 161
switchport mode access
!
interface GigabitEthernet0/11
switchport access vlan 161
switchport mode access
!
interface GigabitEthernet0/12
description ## SMMNLWC251 WLC ##
switchport trunk encapsulation dot1q
switchport trunk native vlan 193
switchport mode trunk
!
interface GigabitEthernet0/13
description <<<to SMMPH Server Farm L2SW>>>
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/14
description <<<to SMMPH Server Farm L2SW>>>
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/15
switchport access vlan 193
switchport mode access
!
interface GigabitEthernet0/16
switchport access vlan 172
switchport mode access
ip access-group 172 in
!
interface GigabitEthernet0/17
switchport access vlan 203
switchport mode access
!
interface GigabitEthernet0/18
description ## connection to 24F switch ##
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 158,161,193
switchport mode trunk
!
interface GigabitEthernet0/19
description ## connection to SMMNLHB002 25F switch ##
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 158,161,193
switchport mode trunk
!
interface GigabitEthernet0/20
description ## connection to SMMNLHB001 25F switch ##
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 158,161,193
switchport mode trunk
!
interface GigabitEthernet0/21
switchport access vlan 158
switchport trunk encapsulation dot1q
switchport mode access
!
interface GigabitEthernet0/22
switchport access vlan 158
switchport mode access
!
interface GigabitEthernet0/23
switchport access vlan 158
switchport mode access
!
interface GigabitEthernet0/24
switchport access vlan 158
switchport mode access
speed 100
duplex full
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
no ip address
!
interface Vlan158
description CBNC_VLAN
ip address 10.158.254.251 255.255.0.0 secondary
ip address 10.158.255.251 255.255.0.0
ip helper-address 10.193.1.1
ip policy route-map CBNC_RMAP
standby 1 ip 10.158.1.1
standby 1 ip 10.158.2.100 secondary
standby 1 preempt
!
interface Vlan160
description RTR
ip address 10.160.255.251 255.255.0.0
standby 2 ip 10.160.255.254
standby 2 priority 105
standby 2 preempt
!
interface Vlan161
description THPAL_VLAN
ip address 10.161.255.251 255.255.0.0
ip helper-address 10.193.1.1
ip policy route-map THPAL_RMAP
standby 3 ip 10.161.1.1
standby 3 priority 105
standby 3 preempt
!
interface Vlan172
description <<DMZ-2 Segment>>
ip address 172.22.255.251 255.255.0.0
standby 4 ip 172.22.255.254
standby 4 priority 105
standby 4 preempt
!
interface Vlan190
ip address 10.190.255.251 255.255.0.0
standby 5 ip 10.190.255.254
standby 5 priority 105
standby 5 preempt
!
interface Vlan193
ip address 10.193.255.251 255.255.0.0
ip policy route-map SMMPH_RMAP
standby 6 ip 10.193.255.254
standby 6 priority 105
standby 6 preempt
!
interface Vlan203
description <<<SMMPH Backup Server NW>>>
ip address 10.203.255.251 255.255.0.0
ip access-group 103 out
standby 7 ip 10.203.255.254
standby 7 priority 105
standby 7 preempt
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.158.2.6
ip route 10.20.1.0 255.255.255.0 10.160.1.1
ip route 10.30.1.0 255.255.255.0 10.160.1.1
ip route 10.40.1.0 255.255.255.0 10.160.1.1
ip route 10.50.1.0 255.255.255.0 10.160.1.1
ip route 10.60.1.0 255.255.255.0 10.160.1.1
ip route 10.70.1.0 255.255.255.0 10.160.1.1
ip route 10.80.1.0 255.255.255.0 10.160.1.1
ip route 10.90.1.0 255.255.255.0 10.160.1.1
ip route 10.159.0.0 255.255.0.0 10.160.1.1
ip route 10.171.0.0 255.255.0.0 10.160.1.5
ip route 10.172.0.0 255.255.0.0 10.160.1.5
ip route 10.172.12.111 255.255.255.255 10.160.1.1
ip route 10.173.0.0 255.255.0.0 10.160.1.5
ip route 10.174.0.0 255.255.0.0 10.160.1.5
ip route 10.175.0.0 255.255.0.0 10.160.1.5
ip route 10.176.0.0 255.255.0.0 10.160.1.5
ip route 10.177.0.0 255.255.0.0 10.160.1.5
ip route 10.178.0.0 255.255.0.0 10.160.1.1
ip route 10.179.0.0 255.255.0.0 10.160.1.5
ip route 10.180.0.0 255.255.0.0 10.160.1.5
ip route 10.210.0.0 255.255.0.0 10.160.1.5
ip route 116.50.215.136 255.255.255.248 10.160.1.3
ip route 122.216.84.178 255.255.255.255 10.160.1.3
ip route 172.16.0.0 255.255.0.0 10.160.1.3
ip route 172.21.0.0 255.255.0.0 172.22.1.1
ip route 172.23.0.0 255.255.0.0 172.22.1.1
ip route 172.30.0.0 255.255.0.0 10.158.2.6
ip route 192.168.1.0 255.255.255.0 10.160.1.3
ip route 192.168.10.0 255.255.255.252 10.160.1.1
ip http server
!
!
ip access-list extended CBNC_ACL
deny ip 10.159.0.0 0.0.255.255 172.30.0.0 0.0.255.255
deny ip 10.158.0.0 0.0.255.255 10.158.0.0 0.0.255.255
deny ip 10.158.0.0 0.0.255.255 10.159.0.0 0.0.255.255
deny ip 10.158.0.0 0.0.255.255 10.0.0.0 0.255.255.255
deny ip 10.158.0.0 0.0.255.255 10.210.0.0 0.0.255.255
deny ip 10.158.0.0 0.0.255.255 host 10.161.1.32
deny ip 10.158.0.0 0.0.255.255 10.193.0.0 0.0.255.255
deny ip 10.158.3.0 0.0.0.255 host 10.193.1.61
deny ip 10.30.1.0 0.0.0.255 host 10.193.1.1
deny ip 10.30.1.0 0.0.0.255 host 10.193.1.6
deny ip 10.30.1.0 0.0.0.255 host 10.193.1.61
deny ip 10.30.1.0 0.0.0.255 host 10.193.1.62
deny ip 10.30.1.0 0.0.0.255 host 10.193.1.21
deny ip 10.30.1.0 0.0.0.255 host 10.193.1.26
deny ip 10.40.1.0 0.0.0.255 host 10.193.1.1
deny ip 10.40.1.0 0.0.0.255 host 10.193.1.6
deny ip 10.158.10.0 0.0.0.255 host 10.193.1.21
deny ip 10.40.1.0 0.0.0.255 host 10.193.1.61
deny ip 10.40.1.0 0.0.0.255 host 10.193.1.62
deny ip 10.40.1.0 0.0.0.255 host 10.193.1.21
deny ip 10.40.1.0 0.0.0.255 host 10.193.1.26
deny ip 10.50.1.0 0.0.0.255 host 10.193.1.1
deny ip 10.50.1.0 0.0.0.255 host 10.193.1.6
deny ip 10.50.1.0 0.0.0.255 host 10.193.1.61
deny ip 10.50.1.0 0.0.0.255 host 10.193.1.62
deny ip 10.60.1.0 0.0.0.255 host 10.193.1.1
deny ip 10.60.1.0 0.0.0.255 host 10.193.1.6
deny ip 10.60.1.0 0.0.0.255 host 10.193.1.21
deny ip 10.60.1.0 0.0.0.255 host 10.193.1.26
deny ip 10.60.1.0 0.0.0.255 host 10.193.1.61
deny ip 10.50.1.0 0.0.0.255 host 10.193.1.21
deny ip 10.60.1.0 0.0.0.255 host 10.193.1.62
deny ip host 10.158.2.50 host 10.193.1.65
deny ip 10.50.1.0 0.0.0.255 host 10.193.1.26
deny ip host 10.158.2.31 10.193.1.0 0.0.0.255
deny ip host 10.158.2.50 10.161.2.0 0.0.0.255
deny ip host 10.158.2.50 host 10.193.1.1
deny ip host 10.158.2.50 host 10.193.1.6
deny ip host 10.158.2.11 host 10.193.1.1
deny ip host 10.158.2.12 host 10.193.1.1
deny ip 10.159.1.0 0.0.0.255 10.193.1.0 0.0.0.255
deny ip 10.159.1.0 0.0.0.255 10.161.2.0 0.0.0.255
deny ip 10.159.1.0 0.0.0.255 172.21.0.0 0.0.255.255
deny ip 10.159.1.0 0.0.0.255 172.22.0.0 0.0.255.255
deny ip 10.159.1.0 0.0.0.255 172.23.0.0 0.0.255.255
deny ip 10.158.20.0 0.0.0.255 host 10.193.1.40
deny ip 10.158.20.0 0.0.0.255 host 10.193.1.103
deny ip 10.158.20.0 0.0.0.255 host 10.193.1.21
deny ip 10.158.20.0 0.0.0.255 host 10.193.1.26
deny ip 10.158.20.0 0.0.0.255 host 10.193.1.1
deny ip host 10.158.2.150 host 10.193.1.11
deny ip 10.50.0.0 0.0.255.255 10.161.3.0 0.0.0.1
deny ip host 10.50.1.210 192.168.1.0 0.0.0.255
permit ip 10.158.0.0 0.0.255.255 any
permit ip 10.159.0.0 0.0.255.255 any
permit ip 192.168.10.0 0.0.0.3 any
permit ip 10.20.0.0 0.0.255.255 any
permit ip 10.30.0.0 0.0.255.255 any
permit ip 10.40.0.0 0.0.255.255 any
permit ip 10.50.0.0 0.0.255.255 any
permit ip 10.60.0.0 0.0.255.255 any
permit ip 10.70.0.0 0.0.255.255 any
permit ip 10.80.0.0 0.0.255.255 any
permit ip 10.90.0.0 0.0.255.255 any
ip access-list extended SMMPH_ACL
deny ip host 10.193.1.6 172.29.29.0 0.0.0.255
deny ip 10.193.0.0 0.0.255.255 172.30.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.160.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 172.16.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 172.21.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 172.22.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 172.23.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.158.0.0 0.0.255.255
deny ip host 10.193.1.1 10.30.1.0 0.0.0.255
deny ip host 10.193.1.6 10.30.1.0 0.0.0.255
deny ip host 10.193.1.61 10.30.1.0 0.0.0.255
deny ip host 10.193.1.62 10.30.1.0 0.0.0.255
deny ip host 10.193.1.21 10.30.1.0 0.0.0.255
deny ip host 10.193.1.26 10.30.1.0 0.0.0.255
deny ip host 10.193.1.1 10.40.1.0 0.0.0.255
deny ip host 10.193.1.6 10.40.1.0 0.0.0.255
deny ip host 10.193.1.61 10.40.1.0 0.0.0.255
deny ip host 10.193.1.11 host 10.158.3.2
deny ip host 10.193.1.11 host 10.158.3.3
deny ip host 10.193.1.62 10.40.1.0 0.0.0.255
deny ip host 10.193.1.21 10.40.1.0 0.0.0.255
deny ip host 10.193.1.26 10.40.1.0 0.0.0.255
deny ip 10.193.1.0 0.0.0.255 host 10.158.2.31
deny ip host 10.193.1.40 10.158.20.0 0.0.0.255
deny ip host 10.193.1.103 10.158.20.0 0.0.0.255
deny ip host 10.193.1.21 10.158.20.0 0.0.0.255
deny ip host 10.193.1.26 10.158.20.0 0.0.0.255
deny ip host 10.193.1.1 10.158.20.0 0.0.0.255
deny ip host 10.193.1.1 10.50.1.0 0.0.0.255
deny ip host 10.193.1.6 10.50.1.0 0.0.0.255
deny ip host 10.193.1.61 10.50.1.0 0.0.0.255
deny ip host 10.193.1.62 10.50.1.0 0.0.0.255
deny ip host 10.193.1.1 10.60.1.0 0.0.0.255
deny ip host 10.193.1.6 10.60.1.0 0.0.0.255
deny ip host 10.193.1.21 10.60.1.0 0.0.0.255
deny ip host 10.193.1.26 10.60.1.0 0.0.0.255
deny ip host 10.193.1.61 10.60.1.0 0.0.0.255
deny ip host 10.193.1.21 10.50.1.0 0.0.0.255
deny ip host 10.193.1.62 10.60.1.0 0.0.0.255
deny ip host 10.193.1.26 10.50.1.0 0.0.0.255
deny ip host 10.193.1.1 host 10.158.2.50
deny ip host 10.193.1.6 host 10.158.2.50
deny ip host 10.193.1.65 host 10.158.2.50
deny ip host 10.193.1.1 host 10.158.2.11
deny ip host 10.193.1.1 host 10.158.2.12
deny ip 10.193.1.0 0.0.0.255 10.159.1.0 0.0.0.255
deny ip host 10.193.1.61 10.158.3.0 0.0.0.255
deny ip host 10.193.1.11 host 10.158.2.150
deny ip 10.193.0.0 0.0.255.255 10.193.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.161.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.171.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.172.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.173.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.174.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.175.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.176.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.177.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.178.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.179.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.180.0.0 0.0.255.255
deny ip 10.193.0.0 0.0.255.255 10.210.0.0 0.0.255.255
permit ip 10.193.0.0 0.0.255.255 any
ip access-list extended THPAL_ACL
deny ip 10.161.0.0 0.0.255.255 10.160.0.0 0.0.255.255
deny ip 10.161.2.0 0.0.0.255 host 10.158.3.2
deny ip 10.161.2.0 0.0.0.255 host 10.158.3.3
deny ip 10.161.2.0 0.0.0.255 host 10.158.2.103
deny ip host 10.161.1.22 host 10.158.2.103
deny ip host 10.161.2.102 host 10.158.10.73
deny ip host 10.161.2.101 host 10.158.10.73
deny ip 10.161.2.0 0.0.0.255 host 10.158.2.31
deny ip 10.161.2.0 0.0.0.255 host 10.158.2.50
deny ip host 10.161.1.32 10.158.10.0 0.0.0.255
deny ip 10.161.0.0 0.0.255.255 10.161.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.171.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.172.0.0 0.0.255.255
deny ip host 10.161.3.1 10.50.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.173.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.174.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.175.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.176.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.177.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.178.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.179.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.180.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.193.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 10.210.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 172.16.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 172.21.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 172.22.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 172.23.0.0 0.0.255.255
deny ip 10.161.0.0 0.0.255.255 192.168.1.0 0.0.0.255
deny ip 10.161.2.0 0.0.0.255 10.159.1.0 0.0.0.255
deny ip host 10.161.2.101 10.158.2.0 0.0.0.255
deny ip host 10.161.2.102 10.158.2.0 0.0.0.255
deny ip host 10.161.2.101 10.158.255.0 0.0.0.255
deny ip host 10.161.2.102 10.158.255.0 0.0.0.255
deny ip host 10.161.2.98 10.158.2.0 0.0.0.255
deny ip host 10.161.2.96 10.158.2.0 0.0.0.255
deny ip host 10.161.2.99 10.158.2.0 0.0.0.255
deny ip host 10.161.2.97 10.158.2.0 0.0.0.255
deny ip host 10.161.2.173 host 10.158.2.33
deny ip host 10.161.2.174 host 10.158.2.33
deny ip host 10.161.2.172 host 10.158.2.33
deny ip host 10.161.2.189 192.168.10.0 0.0.0.3
permit ip 10.160.0.0 0.0.255.255 any
permit ip 10.161.0.0 0.0.255.255 any
permit ip 10.193.0.0 0.0.255.255 any
!
ip sla enable reaction-alerts
logging trap notifications
logging 10.193.1.65
access-list 10 permit 10.158.2.12
access-list 10 permit 10.158.10.100
access-list 10 permit 10.158.10.101
access-list 10 permit 10.193.1.0 0.0.0.255 log
access-list 10 permit 10.161.2.0 0.0.0.255
access-list 10 permit 10.160.0.0 0.0.255.255
access-list 103 permit ip 10.203.0.0 0.0.255.255 10.160.0.0 0.0.255.255 log
access-list 103 permit ip 10.203.0.0 0.0.255.255 203.167.81.224 0.0.0.15
access-list 172 permit ip 172.21.0.0 0.0.255.255 10.193.0.0 0.0.255.255
access-list 172 permit ip 172.22.0.0 0.0.255.255 10.193.0.0 0.0.255.255
access-list 172 permit ip 172.21.0.0 0.0.255.255 10.173.0.0 0.0.255.255
access-list 172 permit ip 172.22.0.0 0.0.255.255 10.173.0.0 0.0.255.255
access-list 172 permit ip 172.21.0.0 0.0.255.255 10.161.3.0 0.0.0.255
access-list 172 permit ip 172.22.0.0 0.0.255.255 10.161.3.0 0.0.0.255
access-list 172 permit ip 172.21.0.0 0.0.255.255 10.194.0.0 0.0.255.255
access-list 172 permit ip 172.22.0.0 0.0.255.255 10.194.0.0 0.0.255.255
access-list 172 permit ip 172.21.0.0 0.0.255.255 10.174.0.0 0.0.255.255
access-list 172 permit ip 172.22.0.0 0.0.255.255 10.174.0.0 0.0.255.255
access-list 172 permit ip 172.21.0.0 0.0.255.255 10.210.0.0 0.0.255.255
access-list 172 permit ip 172.22.0.0 0.0.255.255 10.210.0.0 0.0.255.255
access-list 172 permit ip 172.21.0.0 0.0.255.255 10.176.0.0 0.0.255.255
access-list 172 permit ip 172.22.0.0 0.0.255.255 10.176.0.0 0.0.255.255
access-list 172 permit ip 172.22.0.0 0.0.255.255 10.161.0.0 0.0.255.255
access-list 172 permit ip 172.21.0.0 0.0.255.255 10.159.0.0 0.0.255.255
access-list 172 permit ip 172.22.0.0 0.0.255.255 10.159.0.0 0.0.255.255
route-map THPAL_RMAP permit 10
match ip address THPAL_ACL
set ip next-hop 10.160.1.3
!
route-map SMMPH_RMAP permit 10
match ip address SMMPH_ACL
set ip next-hop 10.160.1.3
!
route-map CBNC_RMAP permit 10
match ip address CBNC_ACL
set ip next-hop 10.158.2.6
!
!
!
!
line con 0
logging synchronous
line vty 0 4
access-class 10 in
logging synchronous
login local
line vty 5 15
access-class 10 in
logging synchronous
login local
!
!
monitor session 1 source vlan 160 - 161 , 172 , 190 , 193 , 203
monitor session 1 destination interface Gi0/7
end
- Labels:
-
VPN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2016 10:51 PM
Hi,
i think its better to post the VPN configs part, it might be ACL/NAT issue, because you have granted permission from client pool to your servers ip's but not the opposite.
HTH.
Sam.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-11-2016 03:16 AM
We need to see the VPN configuration as Samer has mentioned.
--
Please remember to select a correct answer and rate helpful posts
Please remember to select a correct answer and rate helpful posts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-11-2016 05:08 AM
hi
This is resolved.just added the acl on inside interface to permit inside server to vpn pool. Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide