Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 1 subscriber
  • Views 1066 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cisco VPN to 3 Networks

unst
Hi all,
today i activated the Cisco VPN and after i removed the domain name unter RemoteAccess -> Advanced it worked well.
But when i put more than 1 "local network" in the box on the configuraiton site i can only access the very first network.

i tested it. it always just set the route to the first network.
have a look at the screens please.

do you know how i can tell the client or the asg to set routes to all networks?
thanks!


This thread was automatically locked due to age.
  • 0 in reply to unst
    Yes, but you had no domain name set, so it's not that closely related but rather the same category of problem... something with the Cisco Unity modecfg attributes.
  • 0 in reply to BAlfson
    Hmmm... However, it is possible to use Network Groups in the SSL VPN where the same potential exists.  Interesting.


    Heresy! Burn him! =)

    Srsly: you're right, this is not very homogeneous throughout WebAdmin, due to the fact that features were added at different times by different people. However a group wouldn't help here as the issue is located at rather deep layer where it would have been expanded anyways.
  • 0

    do you know how i can tell the client or the asg to set routes to all networks?


    I think I found the cause for this. Could you please verify that these commands fix your issue: 


    ipsec pool --delattr UNITY_SPLIT_INCLUDE --pool REF_zbgxvTbqmR

    ipsec pool --addattr UNITY_SPLIT_INCLUDE --pool REF_zbgxvTbqmR --subnet 192.168.15.0/255.255.255.0,192.168.125.0/255.255.255.0,192.168.17.0/255.255.255.0


    You must not be connected with the Cisco VPN Client at the time you run the commands on the ASG. After you're connected, the changes will be overwritten by mdw again, so this is no practical workaround. To verify that the routes are set, please also run `route print` in a Windows cmd shell.
  • 0 in reply to d12fk
    This is fixed in 8.100 beta 2 (aka 8.055) now. Thanks for the report.