VPN Client Cannot Access LAN


I have tried to solve this but cannot, any help would be appreciated.

Network is:

|------PIX-----Internet Router------Remote VPN Client | LAN| | ------Router (Default Gateway for LAN Hosts) Upto now the VPN clients have been logging in successfully to the PIX and accessing resources on the LAN. The DHCP scope handed out by the PIX though was in the same range as the LAN.

LAN is

VPN CLients via DHCP with old range: to with SM of

We have decided to change DHCP pool of clients to and changed the nonat statement on the PIX to reflect the new range. NB My colleague who did this didn't remove the old no-nat statememt to and I was concerned this may have been one issue when we tested the config.

The LAN router has an IP of /24. It has a default route to the PIX /24.

My problem: When the VPN isers log in they get an IP in the range of

10.0.50.X but they cannot ping or connect to anything on the LAN. The LAN router is running RIP Version 2 (network

Any ideas



Reply to
Darren Green
Loading thread data ...


Have you debug'd the PIX..'logging trap debugging' and watched the connection attempts. Don't do this to the buffer if this is a busy box, hence the trap/logging server. (option#2 "logging buffered debugging")

another note: Debug ip packet on the router - router(confg)#int fa0/0 (whatever interface) router(config-if)# no ip route-cache

router(config)#access-list 101 permit ip source (etc..) destination(etc..)

router#debug ip packet 101 det

  1. See if you are getting through the pix
  2. See if the packet is hitting the router
  3. See if the packets are returning...etc..

let us know /mike

Reply to

Have the exact same issue with one of my users, and I've discovered that the issue lays in the fact that the router doesn't allow L2TP and PPP passthru'

You might want to take a look at that !!!

Reply to
Julian Dragut

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.