Cisco 1801, VPN and routing problem.

Discussion in 'Cisco' started by Masterx81, Mar 5, 2007.

  1. Masterx81

    Masterx81 Guest

    Hi to all...
    I need a little help with a problem...
    My situation is as follow:
    There is a central office, with a isa server that filter the internet
    traffic, and a branch office without a server.
    Due to a direct request of the factory owner, i need to use 2 cisco
    1801 with site to site vpn for connecting the offices, It also want to
    use the same router for normal internet navigation on both sites.
    On the main office i've configured the 1801 with the int Fast0, joined
    with the wlan interfaces in a virtual bridge (BVI2, and the vlan1 (fast0-8) is alone in the BVI1
    group ( . The BVI1 is connected to the external port of
    the isa server (, and uses nat for a little dmz. The BVI2
    is connected to the local lan (with the internal interface of isa -, so that the wlan traffic will pass the isa rules.
    Really strange config, isn't?
    On the branch office, the 1801 is configured as internet gateway with
    nat, and the traffic will be not filtered. (int BVI1
    I've made a config with internet working, vpn site to site working,
    restrictive access lists, and so on, but i have a trouble...
    For not adding a default gateway to all the clients on the main office
    (as the actual default gateway is the isa server), on the internal lan
    port of the isa server i've made a static route with destination
    192.168.201.x and gateway for redirecting the traffic
    to the other side of the vpn. Now, all seem to work, pings are
    working, but when i launch (for example) a terminal session on a
    server on the other site (both sites), the connection is established,
    the terminal session will start, but the screen remain empty, and
    there is no futher data traffic, and the connection will drop.

    Seem that i've missed a route, but where? With tracert on a machine on
    the branch office to the isa server i've discovered that packets goes
    to destination, the first passage is the 1801, the second is null ( *
    * * ), and the third is the destination

    One thing that i notice is that ping on client machines on both sides
    are working, but from the routers i'm not able to ping any of the
    hosts placed on the other side of the vpn. Why?

    Can someone help me? What i'm missing?
    Masterx81, Mar 5, 2007
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Masterx81
    Mar 8, 2007
  2. Masterx81

    Cisco 1801 VPN Problem

    Masterx81, Mar 9, 2007, in forum: Cisco
    Mar 9, 2007
  3. Masterx81

    PPTP, IAS Radius and Cisco 1801

    Masterx81, Jun 13, 2007, in forum: Cisco
    Jun 14, 2007
  4. corb
  5. marsav

    CISCO 1801 DNS problem

    marsav, Jun 14, 2009, in forum: Hardware
    Jul 5, 2009