Hi, I'm in a customer's office and I'm trying to vpn to my office. I can login using my cisco 4.6 vpn client and it was authenticated ok by my office's vpn cisco concentrator. But the problem is I can not ping / telnet to my office LAN. Can someone tell me what the customer needs to open up in his firewall, so i can access my office LAN >>>?? thanks for your help. J
If you can connect with the vpn client then nothing else needs to be opened on the customer firewall. It's not something like the customers lan subnet is the same as your company subnet ? that would break things. simon
Well, if i'm outside the firewall of the customer, after I vpn in, I was able to ping/telnet to my servers in the office. If I'm inside the customer's firewall, I can vpn in but I'm unable to access any of my servers, such as telnet/ http, etc. ping, telnet, and http are open in the customer's firewall. I can ping yahoo, browsed web, etc.
They are using the same IP subnet as the network on the remote side. A small travel router may allow you to setup a simple little network where you can control the local IP subnet. Even if an intermediate network segment (the part between your little router and their firewall) has a conflicting IP range this should still work. It's a lame little hack that can work if you have no ability to renumber the networks.
This is one of the reasons you should avoid using the common network numbering for consumer routers when you setup an office LAN with a VPN gateway. Try to avoid the 192.168.0.x-192.168.2.x ranges.
I'll bet that when you were outside the firewall you had a different IP address.
I'll also bet that you have the same IP address range at your office as the customer has. This causes problems.
Sim>
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.