PIX VPN issue

- G
- Gre0145
  
  Contact options for registered users
posted
15 years ago

Thu, Oct 23, 2008 10:50 PM

I have a VPN established with a vendor of ours that has worked perfectly for years. 2 days ago the vendor request that we allow another subnet to access our network. I added the subnet to an ACL and tested from my end. I was able to ping the host that would access our network. I assumed everything was fine but when the vendor tested he was unable to connect (ping, ftp, tracert, etc.). I did not change anything with encryption or authentication (we are using 3DES and MD5, pre-share key). We even went over the settings again to make sure each end matched. Also, he is still able to connect using his other subnet that has worked for years. The only issue is with the new subnet, and again, i am able to access it, he is not able to access ours. Any ideas?

Loading thread data ...

- A
- Artie Lange
  
  Contact options for registered users
Vote on answer
posted
15 years ago

Fri, Oct 24, 2008 2:07 PM

Did you exclude the new subnet from NAT?

access-list inside_nat0_outbound extended permit ip 192.168.0.0

255.255.255.0 192.168.3.0 255.255.255.0

Where 192.168.0.0 is the local network you are on and 192.168.3.0 is the new subnet?

nat (inside) 0 access-list inside_nat0_outbound

Excludes the ACL from NAT

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.