Can not access the Lan after I connect with a cisco vpn client

Status
Not open for further replies.

sisip

Technical User
Jun 2, 2003
5
CA
I have a pix 501 firewall. In the pix configuration, I configured the address-pool with the local pool name. I also configured the pix to connect to a radius server on a Domain Controller with advance server. The active directory on the advance server is enabled.
The clients connect to my domain with the VPN client version 3.6 with their original LAN username and password with no problems. The problem is that they cannot browse and ping the LAN network. They cannot access anything on the network.
Any ideas? Is it the DNS on my Windows domain?
 
Have you added DNS and WINS into the PIX? Quoted from
How to add DNS and WINS into your Cisco VPN server

If your VPN client cannot find servers or cannot ping computer name, you may need to add DNS and WINS into your VPN server. For example, to add DNS and WINS on a Cisco Firewall PIX, add vpdn group 1 client configuration dns dnsservername and vpdn group 1 client configuration wins winsservername.

For more information, go to
Robert Lin, MS-MVP, MCSE and CNE
Windows & Network Support, Tips and FAQs on
 
Yes. I had the DNS and WINS and address from my Domain Controller. The VPN Dialer client had the ip address that came from the pix address-pool. In the ipconfig /all command there was no DHCP address.
Thank you for your help
 
Thank you Robert Lin,

I have a vpngroup configured to the DNS and WINS server. Is there a difference with vpdn group?

Denis
 
Is the pix the default route out of your LAN? I had a similar problem caused by my servers not having a route to the VPN clients through the pix. i.e. the Default route was a different box & so nobody could find things on the VPN.

Did that make sense?
 
Thank you for your response Northstar Dave.

Last night I verified and you were right. They were going out on the router instead of the Pix. I changed it and it still does not work. When a client connects to the pix, it connects immediately and he is authenticated immediately also. To my knowledge, he should be on the network since the authentication is done on my NT 4.0 PDC. The client still can't see the network and they still can't ping internal IP addresses, not even the IP of the NT 4.0 PDC. I think it is a configuration in my Pix. Do you think I am right?
Thank you
 
This is a feature of the CISCO VPN client. It is the way it is written. Once the CISCO is activated it cuts off access to your LAN/WAN unless you have your entire network accessible via the internet which is very unlikely.
 
I want to thank everybody who tried to help me. It finally works. My NAT configuration in the pix was wrong.


Thanks to everyone
 