Question : Problem: Unable to use applications over a Cisco site to site VPN configured with SDM

I have set up a number of Cisco routers using the latest SDM. I have created site to site VPNs using the wizard and I am able to ping the PCs on the remote sites. However, I am unable to use applications (e.g. Remote Desktop or Citrix) across the VPN.

I have this problem with Cisco 875 and 1801-K9 routers even with the latest IOS and SDM.

Cisco spent time on this problem and got applications running over the VPN; however, when I later looked at what they had done, they had removed the ACLs from the dialer! Obviously this is not a satisfactory solution.

I assume that the SDM and the SDM site to site wizard must work, so I guess that I am doing something wrong.

What I am looking for is how to correctly configure this with SDM (and not CLI). Has anyone managed to do this, and can they supply me with some notes?

I currently have a 875 and an 875W in stock so can use these for testing (we have 2 broadbands in the office).

Answer : Problem: Unable to use applications over a Cisco site to site VPN configured with SDM

It is not a question of misunderstanding; rather, the "open" VPN tunnel setup is no longer a good approach since it exposes the LAN to risks beyond IT's control. To reduce the possibility of a virus coming over a VPN connection, it is better to add ACLs to limit the traffic over the VPN to what is expected: SMTP, web, etc. It is possible that the added security model is part of the SDM.

When you are going through the SDM Express/VPN wizard, are there advanced options or a place where you can add what services are to be allowed through the VPN? Once policies are created, are you able to go through a GUI to update/modify them versus starting from scratch with a wizard? If there is such an option, go through the policy and see whether you can get to the section that deals with the ACL for the VPN tunnel.