Cisco Systems Allow Cisco vpn client pool down a site to site VPN

Posted by tweety on July 29, 2008, 3:28 pm
Hi there,

I was wondering if the following is possible?


I am terminating a vpn client ( pool 10.10.10.0 /24 ) onto router A
and allowing access to 192.168.100.0 /24 , this is router A's local
lan. Router A also has a site to site VPN to router B. This is from
net 192.168.100.0 /24 to 192.168.200.0 /24 This is as follows.....


Remote Client 10.10.10.0 /24
|
|
192.168.100.0 /24
|
|
|
Router A
|
|
|
Router B
|
|
|
192.168.200.0 /24


Is there any way that the remote client would be able to go down the
site-to-site VPN and see Router B's LAN?


I am looking for the remote clients to be able to access resources on
Router B's LAN.


Thanks for any help or pointers anyone can provide.


Andrew

Posted by Artie Lange on July 29, 2008, 3:41 pm
tweety wrote:
> Hi there,
>
> I was wondering if the following is possible?
>
>
> I am terminating a vpn client ( pool 10.10.10.0 /24 ) onto router A
> and allowing access to 192.168.100.0 /24 , this is router A's local
> lan. Router A also has a site to site VPN to router B. This is from
> net 192.168.100.0 /24 to 192.168.200.0 /24 This is as follows.....
>
>
> Remote Client 10.10.10.0 /24
> |
> |
> 192.168.100.0 /24
> |
> |
> |
> Router A
> |
> |
> |
> Router B
> |
> |
> |
> 192.168.200.0 /24
>
>
> Is there any way that the remote client would be able to go down the
> site-to-site VPN and see Router B's LAN?
>
>
> I am looking for the remote clients to be able to access resources on
> Router B's LAN.
>
>
> Thanks for any help or pointers anyone can provide.
>
>
> Andrew

From router A:

ip route 192.168.200.0 255.255.255.0 <IP of RouterB> ?

Posted by Artie Lange on July 29, 2008, 3:48 pm
Artie Lange wrote:

>
> From router A:
>
> ip route 192.168.200.0 255.255.255.0 <IP of RouterB> ?


Should be

ip route 192.168.200.0 255.255.255.0 <IP router A that knows how to get to B>

In that scenario, the VPN client would forward the packet to the router
A that in turn would have a route to router B....

Posted by tweety on July 29, 2008, 4:03 pm
> Artie Lange wrote:
>
> > From router A:
>
> > ip route 192.168.200.0 255.255.255.0 <IP of RouterB> ?
>
> Should be
>
> ip route 192.168.200.0 255.255.255.0 <IP router A that knows how to get to B>
>
> In that scenario, the VPN client would forward the packet to the router
> A that in turn would have a route to router B....

Hi guys, I appreciate the quick answers :)

However, I would then need to make sure the client pool would not NAT
going from router A to router B?

Posted by News Reader on July 29, 2008, 4:17 pm
tweety wrote:
>> Artie Lange wrote:
>>
>>> From router A:
>>> ip route 192.168.200.0 255.255.255.0 <IP of RouterB> ?
>> Should be
>>
>> ip route 192.168.200.0 255.255.255.0 <IP router A that knows how to get to B>
>>
>> In that scenario, the VPN client would forward the packet to the router
>> A that in turn would have a route to router B....
>
> Hi guys, I appreciate the quick answers :)
>
> However, I would then need to make sure the client pool would not NAT
> going from router A to router B?

It sounds like the RAVPN and site-to-site VPN are terminated on the same
interface of Router A.

Since traffic between the RAVPN Client and Router B's internal network
is not transiting from an "ip nat inside" to an " ip nat outside"
interface on Router A, I don't see NAT as a concern on Router A.

However, traffic returning from Router B's internal network to the RAVPN
Client would need to be exempted from NAT on Router B.

This traffic would also have to be included in the crypto ACLs of both
routers.

Best Regards,
News Reader
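
The crypto ACL and NAT-exemption changes described in the reply above, written out as a Cisco IOS configuration fragment. This is an added example, not configuration posted by anyone in the thread. The ACL names, the crypto map name and sequence number (VPN 10) and the outside interface (FastEthernet0/0) are assumptions, and it assumes both routers already have a working crypto-map tunnel and that Router B does PAT with an extended ACL.

```cisco
! ===== Router A (terminates the RAVPN pool 10.10.10.0/24) =====
! Crypto ACL: traffic that must enter the site-to-site tunnel to B.
ip access-list extended CRYPTO-A-TO-B
 ! existing LAN-to-LAN entry
 permit ip 192.168.100.0 0.0.0.255 192.168.200.0 0.0.0.255
 ! added: VPN client pool to Router B's LAN
 permit ip 10.10.10.0 0.0.0.255 192.168.200.0 0.0.0.255
!
! Existing crypto map entry for the peer (name/sequence assumed).
crypto map VPN 10 ipsec-isakmp
 match address CRYPTO-A-TO-B
!
! ===== Router B (LAN 192.168.200.0/24) =====
! Crypto ACL: exact mirror image of Router A's entries.
ip access-list extended CRYPTO-B-TO-A
 permit ip 192.168.200.0 0.0.0.255 192.168.100.0 0.0.0.255
 ! added: return traffic to the VPN client pool
 permit ip 192.168.200.0 0.0.0.255 10.10.10.0 0.0.0.255
!
crypto map VPN 10 ipsec-isakmp
 match address CRYPTO-B-TO-A
!
! NAT exemption: deny entries are checked first, so tunnel traffic
! keeps its 192.168.200.x source and still matches the crypto ACL.
ip access-list extended NAT-B
 deny   ip 192.168.200.0 0.0.0.255 192.168.100.0 0.0.0.255
 ! added: do not translate replies to the VPN client pool
 deny   ip 192.168.200.0 0.0.0.255 10.10.10.0 0.0.0.255
 ! everything else is translated for Internet access
 permit ip 192.168.200.0 0.0.0.255 any
!
! Outside interface name is an assumption.
ip nat inside source list NAT-B interface FastEthernet0/0 overload
```

The crypto ACL entries on the two routers have to stay mirror images of each other; if the pool-to-LAN entry exists on only one side, the IPsec SA for that flow will not be negotiated.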
