DComTalk.com

Discussion of VoIP, VPN, Video Conferencen, DSL and other data commucations.

Skip to content

vpn to office and access internal lan

Virtual Private Network Technology.
Post a reply

vpn to office and access internal lan

Postby pIX2 » Thu Nov 24, 2005 11:02 pm

Hi,
I'm in a customer's office and I'm trying to vpn to my office. I can
login using my cisco 4.6 vpn client and it was authenticated ok by my
office's vpn cisco concentrator. But the problem is I can not ping /
telnet to my office LAN. Can someone tell me what the customer needs
to open up in his firewall, so i can access my office LAN >>>??
thanks for your help.
J
pIX2
 
Top

Re: vpn to office and access internal lan

Postby Simon » Fri Nov 25, 2005 4:20 am

pIX2 wrote:
Hi,
I'm in a customer's office and I'm trying to vpn to my office. I can
login using my cisco 4.6 vpn client and it was authenticated ok by my
office's vpn cisco concentrator. But the problem is I can not ping /
telnet to my office LAN. Can someone tell me what the customer needs
to open up in his firewall, so i can access my office LAN >>>??
thanks for your help.
J

If you can connect with the vpn client then nothing else needs to be

opened on the customer firewall. It's not something like the customers
lan subnet is the same as your company subnet ? that would break things.
simon
Simon
 
Top

Re: vpn to office and access internal lan

Postby pIX2 » Fri Nov 25, 2005 6:39 pm

Simon wrote:
pIX2 wrote:
Hi,
I'm in a customer's office and I'm trying to vpn to my office. I can
login using my cisco 4.6 vpn client and it was authenticated ok by my
office's vpn cisco concentrator. But the problem is I can not ping /
telnet to my office LAN. Can someone tell me what the customer needs
to open up in his firewall, so i can access my office LAN >>>??
thanks for your help.
J

If you can connect with the vpn client then nothing else needs to be
opened on the customer firewall. It's not something like the customers
lan subnet is the same as your company subnet ? that would break things.
simon

Well, if i'm outside the firewall of the customer, after I vpn in, I
was able to ping/telnet to my servers in the office. If I'm inside the
customer's firewall, I can vpn in but I'm unable to access any of my
servers, such as telnet/ http, etc. ping, telnet, and http are open in
the customer's firewall. I can ping yahoo, browsed web, etc.
pIX2
 
Top

Re: vpn to office and access internal lan

Postby Mike Drechsler - SPAM PRO » Fri Nov 25, 2005 6:47 pm

pIX2 wrote:
Simon wrote:
pIX2 wrote:
Hi,
I'm in a customer's office and I'm trying to vpn to my office. I can
login using my cisco 4.6 vpn client and it was authenticated ok by my
office's vpn cisco concentrator. But the problem is I can not ping /
telnet to my office LAN. Can someone tell me what the customer needs
to open up in his firewall, so i can access my office LAN >>>??
thanks for your help.
J

If you can connect with the vpn client then nothing else needs to be
opened on the customer firewall. It's not something like the customers
lan subnet is the same as your company subnet ? that would break things.
simon

Well, if i'm outside the firewall of the customer, after I vpn in, I
was able to ping/telnet to my servers in the office. If I'm inside the
customer's firewall, I can vpn in but I'm unable to access any of my
servers, such as telnet/ http, etc. ping, telnet, and http are open in
the customer's firewall. I can ping yahoo, browsed web, etc.


They are using the same IP subnet as the network on the remote side. A
small travel router may allow you to setup a simple little network where
you can control the local IP subnet. Even if an intermediate network
segment (the part between your little router and their firewall) has a
conflicting IP range this should still work. It's a lame little hack
that can work if you have no ability to renumber the networks.

This is one of the reasons you should avoid using the common network
numbering for consumer routers when you setup an office LAN with a VPN
gateway. Try to avoid the 192.168.0.x-192.168.2.x ranges.


--
WARNING! Email address has been altered for spam resistance.
Please remove the -deletethispart-. section before replying directly.
Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)
Mike Drechsler - SPAM PRO
 
Top

Re: vpn to office and access internal lan

Postby Dennis Willson » Wed Nov 30, 2005 3:05 am

I'll bet that when you were outside the firewall you had a different IP address.

I'll also bet that you have the same IP address range at your office as the customer has. This causes problems.

Simon wrote:
pIX2 wrote:

Hi,
I'm in a customer's office and I'm trying to vpn to my office. I can
login using my cisco 4.6 vpn client and it was authenticated ok by my
office's vpn cisco concentrator. But the problem is I can not ping /
telnet to my office LAN. Can someone tell me what the customer needs
to open up in his firewall, so i can access my office LAN >>>??
thanks for your help.
J

If you can connect with the vpn client then nothing else needs to be
opened on the customer firewall. It's not something like the customers
lan subnet is the same as your company subnet ? that would break things.
simon
Dennis Willson
 
Top
Post a reply

Return to VPN

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
cron