[c-nsp] VPN issues
Justin M. Streiner
streiner at cluebyfour.org
Tue Jan 15 02:00:08 EST 2008
On Tue, 15 Jan 2008, Aaron R wrote:
> This is a quick one. Has anyone had problems with VPN remote access clients
> accessing resources over a LAN to LAN or site to site VPN before? Can anyone
> illustrate what considerations need to be made typically for this kind of
> setup? Below is my situation.
I'm assuming that you have a private/internal IP address pool for the VPN
clients, correct? Is the network range for that pool included in the SA
used to build the LAN to LAN tunnel to the remote site? If the client
pool range isn't in the SA, the ASA on your end will never try to send
that traffic over the tunnel to the remote site, which could explain why
you see nothing after the initial outbound attempt.
That's just a guess, but I've seen it burn people before :(
jms
More information about the cisco-nsp
mailing list