|
|
Question : Problem: Cisco PIX 501 VPN connection made but cannot acces resources or ping LAN connected to.
|
|
I Have a Ciso PIX501 which I was able to get the connection made to from the VPN Client.... However when I try to ping any computer on the LAN I cannot see them. I cannot even ping the inside ip of the pix. I also have the PIX going to a PIX to PIX VPN which has been working for at least 6 months and is still active. I have a few VPN Clients running from the other PIX which have also been working no problem for that 6 months. But for whatever reason this pix althou the VPN clinet is connected i cannot see any resources on the vLAN... HELP
|
Answer : Problem: Cisco PIX 501 VPN connection made but cannot acces resources or ping LAN connected to.
|
|
You need to specify "interesting traffic". That is the traffic that should be protected (encrypted) by this VPN connection. Just as you have for the site2site in this:
>access-list crypto_outside permit ip 10.10.12.0 255.255.255.0 10.10.10.0 255.255.255.0 >access-list crypto_outside permit ip 10.10.12.0 255.255.255.0 10.10.13.0 255.255.255.0 >access-list crypto_outside permit ip 10.10.12.0 255.255.255.0 10.10.11.0 255.255.255.0 >crypto map mymap 20 match address crypto_outside
Now I notice that you have 10.10.13.0/24 in there, which would also match the addresses that you have in you IP pool for remote clients. So for clarification, is 10.10.13.0 used for anything else but this IP pool? I.e. do you have any hosts on this net or are they solely used for VPN clients?
|
|
|