12-06-2008 07:22 AM
We have a VPN concentrator that has a L2L connection that connects our office with another location. We also have users connect into our office using the Cisco client. There has recently been a need for the users to VPN and access a network on the L2L tunnel but they can't access it. I'm having problems wrapping my head around what I need to do to allow this. Since they are both terminating at the concentrator it seems that the concentrator should know how to handle the traffic.
Solved! Go to Solution.
12-09-2008 07:54 AM
Hi,
Have you included the VPN Pool of IP Addresses in the Lan to Lan Tunnel Interesting Traffic. Also, make sure that the remote site IPSEC ACL's and routing are updated after you make the changes on your side.
Regards,
Arul
*Pls rate if it helps*
12-09-2008 02:09 AM
Bascially, AFAIK the concentrator will not allow VPN clients to access the L2L network unless specifically configured. There is a solution on PIX/ASA called "Hair-pinning" Not sure if you can do this in a concentrator.
HTH>
12-09-2008 07:54 AM
Hi,
Have you included the VPN Pool of IP Addresses in the Lan to Lan Tunnel Interesting Traffic. Also, make sure that the remote site IPSEC ACL's and routing are updated after you make the changes on your side.
Regards,
Arul
*Pls rate if it helps*
12-09-2008 12:06 PM
Let's say that your VPN users get:
192.168.100.0
And
your L2L users are on the:
10.10.10.0
You will need to configure your group policy for the dial-in users to be able to access the 10.10.10.0 network. If they tunnel everything, this won't be a problem. Now, you will need to change the ACL on the other end of the L2L tunnel, and allow them to get to the 10.10.10.0 network. What I suspect is happening is that the VPN clients are getting to the L2L side, but the traffic is dropping because the L2L side doesn't know how to get back to your VPN client.
You'll need to change the ACL on the client end of the L2L tunnel and the tunnel policy that the concentrator uses to allow the VPN clients range.
HTH,
John
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide