Remote VPN - no remote LAN connectivity

Hi all

I'm having a problem with my remote access VPN to home. I have a router 800 series which is serves as the VPN (this is also my ADSL router modem), and there isn't enough work as it should...

I can establish a connection to the outside world, and when I run show crypto isakmp/ipsec his I see relevant entries. However, my problem is that once connected, I cannot ping anything in my local network. I can't ping even inside my ADSL router interface. I have another 800 series which is the next leap in broadcasting wireless clients, and is not accessible by ICMP either when it is connected through the VPN.

I won't go through all the troubleshooting steps that I've taken the case, this post will be a saga. I guess it's a routing problem or a NAT? It is not all NAT entries for the VPN client when it is connected, so I think that I bypassed that correctly.

I stripped my config back a bit just to try to make it work, I've pasted below:

version 12.4
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
hostname blah - blah
!
boot-start-marker
boot-end-marker
!
enable secret 5

!
AAA new-model
!
!
local AAA_VPN AAA authentication login
local AAA_VPN AAA authorization network
!
AAA - the id of the joint session
!
resources policy
!
!
!
IP cef
IP domain name blah.com/results.htm
name-server IP 208.67.222.222
property intellectual ssh
property intellectual ssh

property intellectual ssh
no accounting vlan
!
!
!
username secret blah 5

username password blah 7
!
!
crypto ISAKMP policy 1
BA aes
preshared authentication
Group 2
life 3600
!
ISAKMP crypto client configuration group xxxxxx
password key 6
pool VPN_address_pool
!
!
Crypto ipsec transform-set VPN_transformset aes - esp esp-sha-hmac
!
Crypto-map dynamic dyn1 10
game of transformation-VPN_transformset
reverse-road remote-peer x.x.x.x (the ISP gateway address)
!
!
list of authentication of card crypto client VPN AAA_VPN
VPN isakmp AAA_VPN crypto card authorization list
open crypto map configuration VPN client address
crypto map VPN client configuration address respond
VPN ipsec-isakmp dyn1 10 crypto dynamic map
!
Bridge IRB
!
!
interface Loopback0
no ip address
Shutdown
!
ATM0 interface
xxxx.xxxx.xxxx Mac address
no ip address
no ip redirection
no ip unreachable
No atm ilmi-keepalive
DSL-automatic operation mode
!
point-to-point interface ATM0.50
link to high-speed description
DHCP IP address
IP mtu 1492
NAT outside IP
IP virtual-reassembly
no link-status of snmp trap
ATM with a road ip bridge
PVC 0/101
aal5snap encapsulation
!
VPN crypto card
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
no ip address
Bridge-Group 1
!
interface BVI1
description of the LAN interface
IP x.x.x.x 255.255.255.0
IP nat inside
IP virtual-reassembly
!
IP local pool VPN_address_pool x.x.x.x where x.x.x.x (do not overlap with any of my other used private beaches)
IP route 0.0.0.0 0.0.0.0 x.x.x.x (Gateway ISP)
IP route x.x.x.x 255.255.255.0 x.x.x.x
!
no ip address of the http server
no ip http secure server
IP nat inside source tcp static x.x.x.x interface ATM0.50 x x
IP nat inside source map route ROUTE_MAP_VPN interface ATM0.50 overload (prevents the VPN pool specified in the line to refuse to ACL_NAT_VPN to be translated)
IP nat inside source tcp static x.x.x.x interface ATM0.50 x x
!
ACL_NAT_VPN (basis of the road map) extended IP access list
refuse the x.x.x.x (pool VPN) 0.0.0.255 ip x.x.x.x 0.0.0.255
allow an ip x.x.x.x 0.0.0.255
allow an ip x.x.x.x 0.0.0.255
allow an ip x.x.x.x 0.0.0.255
!
access-list 1 permit x.x.x.x 0.0.0.255
access-list 1 permit x.x.x.x 0.0.0.255
177 permit icmp any one access list - ignore, used for troubleshooting
ROUTE_MAP_VPN allowed 10 route map
corresponds to the IP ACL_NAT_VPN
!
!
control plan
!
Bridge Protocol ieee 1
1 channel ip bridge
!
Line con 0
exec-timeout 0 0
Synchronous recording
no activation of the modem
line to 0
line vty 0 4
exec-timeout 0 0
Synchronous recording
transport input x
!
max-task-time 5000 Planner
end

Well, if you see encrypted/decrypted packets move away a lot of problems.

You can TEST inside the router of the VPN Client (LAN) IP?

This local network should have a default gateway pointing to the router or a route from the pool of VPN.

Federico.

Tags: Cisco Security

Similar Questions

  • Remote Desktop connection: Windows 7 Home Premium 64-bit connects to the computer of Windows XP VPN

    Hi all

    I am trying to establish remote desktop TO my new laptop (Windows 7 Home Premium 64-bit) on my computer (Windows XP) work via a VPN. The VPN Client connects to my network to work with no problems, but when I try to use the remote desktop connection I get an error message:

    Remote Desktop cannot connect to the remote computer to one of the following reasons:

    (1) remote access to the server is not enabled

    (2) the remote computer is disabled

    (3) the remote computer is not available on the network

    Make sure that the remote computer is on and connected to the network, and remote access is enabled.

    Items 1-3 are working well, so I guess that the problem is caused by another issue?
    I'd appreciate any help.
    Thank you
    Lou
    Thanks for your response Al. To answer your qus:
    (1) cisco VPN Client for 64 - bit.

    (2) I don't know how to ping through the VPN tunnel - I don't see this option, anywhere in the Cisco customer (I'm not a professional, just a user)
    (3) Yes. Also, I can connect to the host PC via my old laptop XP (xp) of fine House, just not my new laptop (Windows 7 Home Premium) so the problem must be with my new laptop rather than at the end of the host PC.

    After that you connect through the VPN tunnel open a command window, IE. go in Start > run , then type cmdand type ping DRC-hostname or IP-address-DRC ping.

    Examples:

    Ping lou - pc

    ping 192.168.1.25

    FWIW, I have a desktop computer home wireless Windows 7 Home Premium SP1 64 bit on my LAN that connects fine to a XP Pro SP3 32-bit Wired test machine using [DRC] remote desktop. Now XP Pro SP3 DRC test machine is configured for a static IP address and I have manually configured the network mask, gateway, DNS resolves and made sure that NetBIOS over TCP/IP is enabled in the properties of the NETWORK Ethernet card on the test computer.

    Just for fun, I checked the hashes of file for the file mstsc.exe on the Win 7 Home Premium 64-bit machine and a machine Win 7 Home Premium 32 bit I have and hashes were a bit different as the size of the files. The versions of the files are the same though. I assume that the difference is because we're 64-bit to 32...

  • RVL200 SSL VPN: cannot access a remote LAN with iPad2

    RVL200 firmware 1.1.12.1

    iPad2 cannot access any device on the Remote LAN despite the closed padlock icon.

    Is there another App needed? Or how to debug SSL VPN?

    Emmanuel,

    Were you able to access the LAN devices? Also, have you connected using a Mac or a PC successfully to verify that the devices are available? Sometimes antivirus and firewall software can block access to devices from a remote IP address.

  • Remote Desktop connects then stops after a few seconds

    I have two laptops to Windows 7.  We run OpenVPN which I will refer to the VPN server.  The other is the Client and with me on trips.  Open VPN is configured on the Client and the VPN server, and I can connect from inside and outside the network without any problems.  I also have an Open VPN Client with another port configured on a server QNAS.  I can connect without any problems.

    I want to run the OpenVPN server on one VLAN separated to prevent users to see my internal network and only sees another NAS.  I also use the VPN to offer our few users (3) the ability to connect and use my static IP address.

    I have a router TP-Link-ER-6120.  I can configure the three ports to run in 3 separate VLANS.  When I configure the VPN server works on my regular network to exploit the VLAN1 and VLAN2, I can always connect to OpenVPN and all I want to do works (NAS and Internet access with my static IP).  However, when I try to establish a Session to the VPN server computer remote desktop, I get the login and enter my user name and password.  I see the remote desktop window, open and usually see the remote desktop wallpaper and loading the desktop icons.  Then it crashes.  If he does until I can see the desktop, it automatically attempts to reconnect.  If she makes it that far, it stops with a window that says Remote Desktop connection has been disconnected.

    If I come back in the configuration of the router and change the configuration of VLAN for the server VPN is on the same virtual network, I can connect and the remote desktop connection is successful, as long as the customer is located on my network.  If I connect the Client to the VPN server from outside my network in this configuration, the remote desktop will always fail in the same manner described above.  I also have a QNAS on my network with OpenVPN configured and operational.  If I connect the Client computer to the QNAS, I can connect to the VPN server until the VPN server is placed in its own VIRTUAL LAN.

    Thus, work Desktop connections to local computers.

    However, since a remote off-grid remote office connections begin to work, but are stopped when connecting.

    -J' I ping the VPN server during connection attempts and never lose the connection.

    -J' used telnet to Server VPN 3389 port and it connects.

    -J' turned off the firewalls on both sides and went up to remove Symantec on the VPN and BitDefender server on the side side Client to use Windows Firewall on both.  And then disabled Windows Firewall as well and still no joy.

    Is there a setting in Windows I'm missing that allow the desktop connection remote on the LAN, but not enable during login remotely even if I can ping, telnet and usually access the rest of the network?

    Is it maybe a configuration problem on the side of the router?  Installation side route is a very simple graphic interface.  I configured for the VPN service roads and they remain in place (one for the QNAS) and one for the OpenVPN server.  I set up a static route (virtual server) for port 3389 go directly to the IP address of the VPN server, but that did nothing.

    Miss me probably something simple, but it launched my ass for weeks now.

    Any ideas?

    Hello Michael,

    Thank you for visiting Microsoft Community and we provide a detailed description of the issue.

    By the description, I understand that the problem with remote desktop connects and then stops after a few seconds on the system.

    Certainly, I understand your concern and will try my best to help you.

    To get more information about it, we have a dedicated forum where these issues are dealt with and would be better suited to the TechNet community.

    Please visit the link below to find a community that will provide the best support.

    http://social.technet.Microsoft.com/forums/en-us/home?category=WindowsServer

    I hope this information is useful.

    Please let us know if you need more help, we will be happy to help you.

    Thank you.

  • In XP, remote desktop connection is too slow

    Hi team,
    I have a problem with the remote desktop connection. I use windows xp SP3 operating system, whenever I am trying to connect to a server from my laptop connect after his hit get or too slow.
    Firstly I have internet then connect it with CISCO VPN and then try to connect with the server
    PC to connect with the server, but its too slow I can't execute all orders of his get
    I use Server 2003.
    Could you suggest me on this?

    Thank you
    Narendra JHA

    Hi JHA Narendra.

    Your question of Windows is more complex than what is generally answered in the Microsoft Answers forums. It is better suited for the IT Pro TechNet public. Please post your question in the TechNet Windows Server forum.

    http://social.technet.Microsoft.com/forums/en-us/winservergen/threads

  • EA6500 Remote Desktop connection

    Very simple requirement.

    • New EA6500
    • (Win7Pro) server on local network
    • (Win8Pro) PC on LAN
    • You use Remote Desktop connection to connect PC to the server.

    The old LinkSys WRT54G worked well.

    Also tried searching on the web and speaking to support a few hours... Support made me play with security settings:

    • Uncheck Internet filter options
    • Add a record on the Port Range Forwarding with Port 3389 to the IP address of the server.

    I have spent hours trying to make this work, but no luck.

    I finally solved this. Problem was with the firewall on the server that I tried to remote desktop.

    • Initially, I disabled the firewall and could then remote desktop to the server.
    • Converted and then back on, tweaked (don't know exactly what I did) and it works now with the operation of the firewall.

    Thanks for the help.

  • Remote Desktop connection. An internal error has occurred.

    Hello

    The error occurs on a Windows 7 Home computer.

    I connect successfully via a Sonic Wall VPN client.

    I can ping the IP address of the remote computer.

    I run remote desktop (using the IP address of the remote computer) and get the error:

    "Remote Desktop connection.  An internal error has occurred. »

    He used to work without fault and all of a sudden abandonment of work.

    Please notify.

    To resolve this problem, I realized the following:

    Open RDP

    Enter the IP address of the remote computer

    Click view the Options

    Click on experience

    Uncheck the box to reconnect if the connection is broken

    Click on connect

  • What I'm missing to allow Remote Desktop connection?

    What has changed in Windows 7 that is so complicated to get remote desktop connect to run on remote computers?  I have my wife's computer and my home theater computer, but also a 'home' server I managed with the DRC compression or at least I did.  Since the upgrade to windows 7, the only link of DRC, I can do now is my "home" Server (which is based windows2003 I think).

    I've done the basics, I go to properties on my check for distance, computer, the box that says allow remote.  I looked at the firewall level, and he checked as enabled remote assistance.  I went up to build my own port 3389 to rule that it did not help.  I even looked through the services and on each service that is set to manual but not started with the word "remote" in there and started at all, still did not help.

    DRC does everything just not in 7 Home premium?

    You can run Remote Desktop [DRC] in client mode on any version of Windows 7. If you want to use to access remote Windows 7 PC then you need to run Windows 7 ultimate or professional. Home editions of Windows 7 may not act as a host DRC.

    It is the same with Vista Home Edition or XP Home Edition. Nor can serve as hosts for DRC.

    Remember that, although Remote Assistance uses the same port in remote desktop, they are completely different programs.

    http://Windows.Microsoft.com/en-us/Windows7/what-is-the-difference-between-remote-desktop-connection-and-Windows-remote-assistance

    http://Windows.Microsoft.com/en-us/Windows7/Windows-remote-assistance-frequently-asked-questions

    You could try TeamViewer as an alternative to control a PC Windows 7 Home. It's free for personal use and you can set it up, if you wish, use a local LAN IP address.

    http://www.TeamViewer.com

    As an accompaniment, notes his best to administer the WHS Console against the DRC. Here's a WHS Advanced Admin very nice add-in that enhances this feature. I use this on my WHS...

    http://mswhs.com/2008/01/22/Add-in-advanced-admin-console/ MS - MVP Windows Desktop Experience, "when everything has failed, read the operating instructions.

  • Cannot access a remote LAN with Cisco Client

    Hello

    IAM using an ASA 5505 and connect with the Cisco Client 5.0.02.0090. The Client connects to the Remote LAN and get an IP of the SAA.

    But I can't access the Remote LAN or ping the Interface of the ASA trainee.

    Can someone help me with this problem?

    If the client computer is in the same subnet as the other PC, then its dislikes a question ASA.

    Just make sure that the client computer is in the subnet, default gateway of 192.168.20.100 192.168.20./24 and connected to a switchport on vlan 1.

    Finally, check whether the DNS resolution works, or if you can browse the internet with the ip address.

  • Remote LAN Internet access

    I have a PIX 501 connected to an ordinary switch, unmanaged. The internal IP address of the PIX is 192.168.0.100. I also have a router connected to a remote site via a dedicated line. The router is also connected to the switch. The IP of the router E0 is 192.168.0.101. The IP address of the interface of the router S0 is example 192.1.1.1. On the remote site, the interface of the router S0 is 192.1.1.2, and the E0 interface is 192.168.1.101.

    Users on the LAN using the router as the gateway address. The router forwards all internet traffic to the PIX.

    The problem is that local users can hit the internet and the remote site. Remote users can hit the local site, but they can't hit the internet. They can't even ping the PIX. I assume that there must be a statement from access list in the PIX I'm missing, but I couldn't see what it takes.

    Paul,

    You have a route to your remote LAN in your PIX config file? i.e.

    inside

    If not, then add to the PIX config that is mode

    Route inside

    Let me know if this can help,

    Jay

  • Remote Access Connection Manager

    What is Remote Access Connection Manager and what is it?        PS. I don't know what Windows topic category and applications, this falls under, but since I HAD to choose one...  Thank you for your help.

    Hi bjeja,

    Welcome to the Microsoft community where you can find all the answers related to windows.

    Remote Access Connection manager manages connections dial-up and virtual private network (VPN) from the computer to the Internet or other remote networks.

    If you have questions about Windows do not hesitate to answer and we will be happy to help.

  • Remote Desktop connection and file sharing

    Hello, I have a technical question about file sharing.

    I use a remote desktop connection to connect to the server of the company.  We are currently between the two groups of IT services (last guy retired, he will be missed!) In any case, I need to backup my desktop files locally and have 4 or 5 of these local desktop file files saved as a backup on the server.   I want to just my files desktop back mount easily on the server. And I don't know how / what to ask to do this. I just need to know what to ask.

    I'm having problems:

    1. I don't know how to configure a file to save its content on and through a secure server.

    2. There are two types of files that I am trying to backup my office.  The details are below.

    2. the first type of files are simple files of customer data, PDF files, word files, files is excellent. Thus, some records are filled with the updated forms and these files constantly increasing in number and size of the file.  A simple example of this type would be a Bill.  File grows in size and file number every week because the new files are always being added.

    2B. I can't accurately describe the second type of file.  We use a program called TFP - when you open the program you load the specific customer file in a drop-down box.  Whenever you open the customer specific AMTS program saves any changes you made to this file and updates the customer file with a new date and then transfers the file from the client to a file from archive in C: drive. Basically, I want to save this file on the server of the company.

    3. can we make us safe so that data gets only shared a way?  I don't want people on the server to change my desktop files.

    Feel free to ask any questions.   Thank you in advance.

    David

    Hello

    You can request the assistance of here:

    https://social.technet.Microsoft.com/forums/en-us/home

  • How do you uninstall Remote Desktop connection?

    Can help me please to no how do I uninstall the (Remote Desktop connection), I would be very graetfull for any help

    Remove / uninstall Microsoft Remote Desktop Connection 6.0 (KB925876)

    Go to Add/Remove Programs - uninstall KB925876

    If for some reason he's not here...

    You can go to C:\WINDOWS\$NtUninstallKB925876$\spuninst and run spuninst.exe directly from there.

  • I have a new server and you cannot use Remote Desktop connection.

    I HAVE A NEW SERVER (HP ML110 G6) AND HAVE USED OLD HARD DISKS, BUT MY REMOTE DESKTOP CONNECTION WILL NOT ME OR OTHERS - WHAT COULD THE REASON BE?

    Hello

    I suggest you to try the steps below and check if it helps.

     The problem can also be caused by your security such as anti-virus program or a firewall of Windows /Defender that can have conflicting parameters as to not not to perform certain tasks. I suggest you temporary disable antivirus and firewall and check the result again. You must activate new security that you was disabled programs.
    Disable the antivirus software:

    http://Windows.Microsoft.com/en-us/Windows7/disable-antivirus-software

    May also need to do this on other computers as well.

    Important note: Antivirus software can help protect your computer against viruses and other security threats. In most cases, you should not disable your antivirus software. If you need to disable temporarily to install other software, you must reactivate as soon as you are finished. If you are connected to the Internet or a network, while your antivirus software is disabled, your computer is vulnerable to attacks.

    Hope this information is useful.

  • Remote Desktop connection has encountered a problem and must be nearby

    When printing a tag printing in internet explore from a server terminal server. I get the message "Remote Desktop connection has encountered a problem and needs to close". I get disconnected from the terminal server. I updated the file screwdriver as well as pilots of the printer. The printer is a HP3600.

    Hi Marcus,

    The question you have posted is related to the server terminal server and would be better suited to the TechNet community. Please visit the link below to find a community that will provide the best support.

    http://social.technet.Microsoft.com/forums/en/category/WindowsServer

Maybe you are looking for