«

Hello all. I've got a vpn concentrator. Its management/private
address is say:
172.16.16.115

I then have a local network:
192.168.1.x

I also have networks:
192.168.2.x 192.168.3.x - these are network outside of our building
and connected to us through a VPN and its address for example is:
192.168.1.115

when I am connected through my cisco vpn I can ping 172.16.16.10 -
172.16.16.110 etc. I can also ping 192.168.1.10 - 192.168.1.110
etc...

I can not ping for example 192.168.2.10 or 192.168.2.110 or
192.168.3.10

Where and what would I add so that my cisco vpn knows thatany traffic
for the 192.168.2.0 network needs to goto my other vpn device
(192.168.1.115) I am guessing?

where is this added?
thanks

On Sat, 23 Feb 2008, wrote:

> Hello all. I've got a vpn concentrator. Its management/private
> address is say:
> 172.16.16.115
>
> I then have a local network:
> 192.168.1.x
>
> I also have networks:
> 192.168.2.x 192.168.3.x - these are network outside of our building
> and connected to us through a VPN and its address for example is:
> 192.168.1.115
>
> when I am connected through my cisco vpn I can ping 172.16.16.10 -
> 172.16.16.110 etc. I can also ping 192.168.1.10 - 192.168.1.110
> etc...
>
> I can not ping for example 192.168.2.10 or 192.168.2.110 or
> 192.168.3.10
>
> Where and what would I add so that my cisco vpn knows thatany traffic
> for the 192.168.2.0 network needs to goto my other vpn device
> (192.168.1.115) I am guessing?
>
> where is this added?
> thanks
>

Fromm the Configuration menu tree, drill down to System>IP Routing>Reverse Route Injection.
Select the Network Extension Reverse Route Injection check box and click Apply.

Doan

OK I have done that and it makes no differance. I then added:
192.168.2.0/255.255.255.0 to the address pool Hold Down routes list.
Still nothing, can not get to for example 192.168.2.10

If I do a traceroute to 192.168.2.10 from my local computer not
connected through the vpn the trace goes to my local gatewy and then
my nortel vpn router 192.168.1.173 and then from there it gets to
192.168.2.10

any ideas?

On Feb 24, 3:52 pm, Doan <d...@usc.edu> wrote:
> On Sat, 23 Feb 2008, paul...@excite.com wrote:
> > Hello all. I've got a vpn concentrator. Its management/private
> > address is say:
> > 172.16.16.115
>
> > I then have a local network:
> > 192.168.1.x
>
> > I also have networks:
> > 192.168.2.x 192.168.3.x - these are network outside of our building
> > and connected to us through a VPN and its address for example is:
> > 192.168.1.115
>
> > when I am connected through my cisco vpn I can ping 172.16.16.10 -
> > 172.16.16.110 etc. I can also ping 192.168.1.10 - 192.168.1.110
> > etc...
>
> > I can not ping for example 192.168.2.10 or 192.168.2.110 or
> > 192.168.3.10
>
> > Where and what would I add so that my cisco vpn knows thatany traffic
> > for the 192.168.2.0 network needs to goto my other vpn device
> > (192.168.1.115) I am guessing?
>
> > where is this added?
> > thanks
>
> Fromm the Configuration menu tree, drill down to System>IP Routing>Reverse Route Injection.
> Select the Network Extension Reverse Route Injection check box and click Apply.
>
> Doan

<> wrote in message
news:f59bca16-e889-4877-b885-...
> OK I have done that and it makes no differance. I then added:
> 192.168.2.0/255.255.255.0 to the address pool Hold Down routes list.
> Still nothing, can not get to for example 192.168.2.10
>
> If I do a traceroute to 192.168.2.10 from my local computer not
> connected through the vpn the trace goes to my local gatewy and then
> my nortel vpn router 192.168.1.173 and then from there it gets to
> 192.168.2.10
>
> any ideas?
>
> On Feb 24, 3:52 pm, Doan <d...@usc.edu> wrote:
>> On Sat, 23 Feb 2008, paul...@excite.com wrote:
>> > Hello all. I've got a vpn concentrator. Its management/private
>> > address is say:
>> > 172.16.16.115
>>
>> > I then have a local network:
>> > 192.168.1.x
>>
>> > I also have networks:
>> > 192.168.2.x 192.168.3.x - these are network outside of our building
>> > and connected to us through a VPN and its address for example is:
>> > 192.168.1.115
>>
>> > when I am connected through my cisco vpn I can ping 172.16.16.10 -
>> > 172.16.16.110 etc. I can also ping 192.168.1.10 - 192.168.1.110
>> > etc...
>>
>> > I can not ping for example 192.168.2.10 or 192.168.2.110 or
>> > 192.168.3.10
>>
>> > Where and what would I add so that my cisco vpn knows thatany traffic
>> > for the 192.168.2.0 network needs to goto my other vpn device
>> > (192.168.1.115) I am guessing?
>>
>> > where is this added?
>> > thanks
>>
>> Fromm the Configuration menu tree, drill down to System>IP
>> Routing>Reverse Route Injection.
>> Select the Network Extension Reverse Route Injection check box and click
>> Apply.
>>
>> Doan
>

In the groups config you are pointing to a network list. You need to edit
that network list to include the additional subnets you wish to get to.

Yes I've done that, I have added: 192.168.2.0/0.0.0.255

did not do a thing, still can not get to that subnet

On Feb 25, 9:51 pm, "Brian V" <diespam...@nospam.com> wrote:
> <paul...@excite.com> wrote in message
>
> news:f59bca16-e889-4877-b885-...
>
>
>
> > OK I have done that and it makes no differance. I then added:
> > 192.168.2.0/255.255.255.0 to the address pool Hold Down routes list.
> > Still nothing, can not get to for example 192.168.2.10
>
> > If I do a traceroute to 192.168.2.10 from my local computer not
> > connected through the vpn the trace goes to my local gatewy and then
> > my nortel vpn router 192.168.1.173 and then from there it gets to
> > 192.168.2.10
>
> > any ideas?
>
> > On Feb 24, 3:52 pm, Doan <d...@usc.edu> wrote:
> >> On Sat, 23 Feb 2008, paul...@excite.com wrote:
> >> > Hello all. I've got a vpn concentrator. Its management/private
> >> > address is say:
> >> > 172.16.16.115
>
> >> > I then have a local network:
> >> > 192.168.1.x
>
> >> > I also have networks:
> >> > 192.168.2.x 192.168.3.x - these are network outside of our building
> >> > and connected to us through a VPN and its address for example is:
> >> > 192.168.1.115
>
> >> > when I am connected through my cisco vpn I can ping 172.16.16.10 -
> >> > 172.16.16.110 etc. I can also ping 192.168.1.10 - 192.168.1.110
> >> > etc...
>
> >> > I can not ping for example 192.168.2.10 or 192.168.2.110 or
> >> > 192.168.3.10
>
> >> > Where and what would I add so that my cisco vpn knows thatany traffic
> >> > for the 192.168.2.0 network needs to goto my other vpn device
> >> > (192.168.1.115) I am guessing?
>
> >> > where is this added?
> >> > thanks
>
> >> Fromm the Configuration menu tree, drill down to System>IP
> >> Routing>Reverse Route Injection.
> >> Select the Network Extension Reverse Route Injection check box and click
> >> Apply.
>
> >> Doan
>
> In the groups config you are pointing to a network list. You need to edit
> that network list to include the additional subnets you wish to get to.

I take this as these networks are not LAN-to-LAN VPNs? If so, you can
just add them as static routes on your concentrator.

Doan

On Tue, 26 Feb 2008, wrote:

> Yes I've done that, I have added: 192.168.2.0/0.0.0.255
>
> did not do a thing, still can not get to that subnet
>
> On Feb 25, 9:51 pm, "Brian V" <diespam...@nospam.com> wrote:
> > <paul...@excite.com> wrote in message
> >
> > news:f59bca16-e889-4877-b885-...
> >
> >
> >
> > > OK I have done that and it makes no differance. I then added:
> > > 192.168.2.0/255.255.255.0 to the address pool Hold Down routes list.
> > > Still nothing, can not get to for example 192.168.2.10
> >
> > > If I do a traceroute to 192.168.2.10 from my local computer not
> > > connected through the vpn the trace goes to my local gatewy and then
> > > my nortel vpn router 192.168.1.173 and then from there it gets to
> > > 192.168.2.10
> >
> > > any ideas?
> >
> > > On Feb 24, 3:52 pm, Doan <d...@usc.edu> wrote:
> > >> On Sat, 23 Feb 2008, paul...@excite.com wrote:
> > >> > Hello all. I've got a vpn concentrator. Its management/private
> > >> > address is say:
> > >> > 172.16.16.115
> >
> > >> > I then have a local network:
> > >> > 192.168.1.x
> >
> > >> > I also have networks:
> > >> > 192.168.2.x 192.168.3.x - these are network outside of our building
> > >> > and connected to us through a VPN and its address for example is:
> > >> > 192.168.1.115
> >
> > >> > when I am connected through my cisco vpn I can ping 172.16.16.10 -
> > >> > 172.16.16.110 etc. I can also ping 192.168.1.10 - 192.168.1.110
> > >> > etc...
> >
> > >> > I can not ping for example 192.168.2.10 or 192.168.2.110 or
> > >> > 192.168.3.10
> >
> > >> > Where and what would I add so that my cisco vpn knows thatany traffic
> > >> > for the 192.168.2.0 network needs to goto my other vpn device
> > >> > (192.168.1.115) I am guessing?
> >
> > >> > where is this added?
> > >> > thanks
> >
> > >> Fromm the Configuration menu tree, drill down to System>IP
> > >> Routing>Reverse Route Injection.
> > >> Select the Network Extension Reverse Route Injection check box and click
> > >> Apply.
> >
> > >> Doan
> >
> > In the groups config you are pointing to a network list. You need to edit
> > that network list to include the additional subnets you wish to get to.
>
>
>

[jpbuse]

Quote:

Originally Posted by

Hello all. I've got a vpn concentrator. Its management/private
address is say:
172.16.16.115

I then have a local network:
192.168.1.x

I also have networks:
192.168.2.x 192.168.3.x - these are network outside of our building
and connected to us through a VPN and its address for example is:
192.168.1.115

when I am connected through my cisco vpn I can ping 172.16.16.10 -
172.16.16.110 etc. I can also ping 192.168.1.10 - 192.168.1.110
etc...

I can not ping for example 192.168.2.10 or 192.168.2.110 or
192.168.3.10

Where and what would I add so that my cisco vpn knows thatany traffic
for the 192.168.2.0 network needs to goto my other vpn device
(192.168.1.115) I am guessing?

Once thing you may need to do is add the routes to your remote locations to your office router. For example, if you're in the office and need to route to your remote sites your router must know how to handle that.

So, in your router add a route for each remote site such as:
ip route 192.168.2.0 255.255.255.0 192.168.1.115
ip route 192.168.3.0 255.255.255.0 192.168.1.115

I'm assuming 192.168.1.115 is the private interface of your VPN concentrator.