[VPN] RE: Cisco PIX 501 and Cisco remote VPN client&In-Reply-To=20040130150404.67610.qmail at mail.reds

Adam Pierce Adam.Pierce at hutto.txed.net
Mon Apr 12 21:26:28 EDT 2004


Here's a few things you are missing.
First, you need an access-list to keep your vpn traffic from being nat.
 
     access-list 101 permit ip 192.168.1.0 255.255.255.0 "vpn pool
range"
You'll also need another nat statement to put this access-list in
place
     nat (inside) 0 access-list 101
 
Your VPNpool will need to be in a different network than your internal
network so it can be routed.  It's also a good idea to not use numbers
that are frequently used in home networks, i.e. 192.168.1.0 or
192.168.100.0. 
     ip local pool VPNpool 192.168.128.230-192.168.128.240
 
These issues will certainly give you problems.  I hope this helps!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/vpn/attachments/20040412/ff2beefc/attachment.htm 


More information about the VPN mailing list