Announcement

Collapse
No announcement yet.

Easy Vpn Server setup?! help?!

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Easy Vpn Server setup?! help?!

    Hi All,

    i'm in the process of setting up a second easy vpn server for remote clients to access my lan using cisco vpn client.(i already have one setup to one of my other interfaces )
    i've managed to get clients to connect to my public ip through vpn and authenticate..
    but they cannot access my lan..
    they cannot ping,rdp,telnet or any sort of communication with my inside lan..
    any advice? i'm sure ive missed something with my configuration and ill appreciate if you could point it out
    here's the relevant config i've issued:

    aaa authorization network sdm_vpn_group_ml_2 local
    aaa authentication login sdm_vpn_xauth_ml_2 local
    ip local pool SDM_POOL_1 172.16.1.1 172.16.1.100
    crypto ipsec transform-set cyberia esp-md5-hmac esp-3des
    mode tunnel
    exit
    crypto dynamic-map SDM_DYNMAP_1 1
    set transform-set cyberia
    reverse-route
    exit
    crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
    interface FastEthernet0/0
    no crypto map
    crypto map SDM_CMAP_1
    exit
    crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_2
    crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_2
    crypto map SDM_CMAP_1 client configuration address respond
    crypto isakmp client configuration group cyberia
    key 0 *******
    pool SDM_POOL_1
    netmask 255.255.255.0
    exit
    crypto isakmp policy 1
    authentication pre-share
    encr 3des
    hash md5
    group 2
    lifetime 86400
    exit
    crypto isakmp xauth timeout 15

  • #2
    Re: Easy Vpn Server setup?! help?!

    I presume you LAN is on the 172.16.1.0/24 subnet.
    If so, are you using DHCP in your LAN and have you set up an exclusion in there for the VPN client range?

    Ta
    Caesar's cipher - 3

    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

    SFX JNRS FC U6 MNGR

    Comment


    • #3
      Re: Easy Vpn Server setup?! help?!

      actually no..
      my local lan subnet is 192.168.0.0/24
      and no i haven't done any excludes...

      Comment


      • #4
        Re: Easy Vpn Server setup?! help?!

        have you got a route setup between the two subnets then?
        Caesar's cipher - 3

        ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

        SFX JNRS FC U6 MNGR

        Comment


        • #5
          Re: Easy Vpn Server setup?! help?!

          good point!
          haven't taken that into consideration..
          though i wanna share one more thing with you..

          as i already have a working easy vpn service setup on one of my other interfaces, i tried using its policy with my new configuration..
          so even though i used that preconfigured pool.. i still werent able to access my inside lan!

          is there a restriction against using different interfaces with one policy?

          Comment

          Working...
          X