Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Cisco 1801, VPN and routing problem.

Reply
Thread Tools

Cisco 1801, VPN and routing problem.

 
 
Masterx81
Guest
Posts: n/a
 
      03-05-2007
Hi to all...
I need a little help with a problem...
My situation is as follow:
There is a central office, with a isa server that filter the internet
traffic, and a branch office without a server.
Due to a direct request of the factory owner, i need to use 2 cisco
1801 with site to site vpn for connecting the offices, It also want to
use the same router for normal internet navigation on both sites.
On the main office i've configured the 1801 with the int Fast0, joined
with the wlan interfaces in a virtual bridge (BVI2
192.168.200.200/24), and the vlan1 (fast0- is alone in the BVI1
group (10.0.0.2/24) . The BVI1 is connected to the external port of
the isa server (10.0.0.1/24), and uses nat for a little dmz. The BVI2
is connected to the local lan (with the internal interface of isa -
192.168.200.1), so that the wlan traffic will pass the isa rules.
Really strange config, isn't?
On the branch office, the 1801 is configured as internet gateway with
nat, and the traffic will be not filtered. (int BVI1
192.168.201.200/24).
I've made a config with internet working, vpn site to site working,
restrictive access lists, and so on, but i have a trouble...
For not adding a default gateway to all the clients on the main office
(as the actual default gateway is the isa server), on the internal lan
port of the isa server i've made a static route with destination
192.168.201.x and gateway 192.168.200.200 for redirecting the traffic
to the other side of the vpn. Now, all seem to work, pings are
working, but when i launch (for example) a terminal session on a
server on the other site (both sites), the connection is established,
the terminal session will start, but the screen remain empty, and
there is no futher data traffic, and the connection will drop.

Seem that i've missed a route, but where? With tracert on a machine on
the branch office to the isa server i've discovered that packets goes
to destination, the first passage is the 1801, the second is null ( *
* * ), and the third is the destination

One thing that i notice is that ping on client machines on both sides
are working, but from the routers i'm not able to ping any of the
hosts placed on the other side of the vpn. Why?

Can someone help me? What i'm missing?
Thanks!

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
USB Keys and Cisco VPN Concentrator / Cisco VPN Client ? TechGuy Cisco 3 02-05-2009 01:05 PM
Site to Site VPN routing - Cisco 1841 to Nortel VPN Router 1010 peachmach5@yahoo.com Cisco 1 09-21-2007 09:35 PM
VPN Connection Problems between Cisco PIX 506E and Cisco VPN Concentrator 3005 Kai Cisco 0 02-15-2005 02:03 PM
VPN router-cisco vpn client routing issue OZ Cisco 3 01-14-2005 09:22 PM
Cisco vpn server enabled / VPN and no-VPN connections mix Elise Cisco 6 05-22-2004 07:55 AM



Advertisments