LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Computer behind a Cisco router and VPN setup (https://www.linuxquestions.org/questions/linux-networking-3/computer-behind-a-cisco-router-and-vpn-setup-4175509320/)

kevinlyfellow 06-26-2014 07:01 PM
Computer behind a Cisco router and VPN setup
 
First off, I apologize for not knowing much about networking, I would RTFM if I new which FM to read.

I have a Cisco router which acts as a gateway for a remote network. This router connects to a switch which has several devices attached.

One device is a Debian Wheezy computer. When I setup my computer on the switch, I can connect to it through ssh and ping it as well.

I'd like to access this remotely, which I should be able to through the vpn that is setup. When I connect to the VPN and ping the device, there is no response.

So my question is if there is anything that I need to setup special when trying to ping it when using a VPN? I've contacted the people managing the Cisco router and they say they can see that it is there and they think that it is a firewall issue.

So I setup iptables to allow everything through. But this did not solve my problem (which I was skeptical about in the first place).

At this point I have no clue why the setup doesn't work. If anyone can give me any advice or direction on setting this computer up, please chime in.

Thank you

jefro 06-27-2014 04:37 PM
Ping is generally blocked by default on many new systems and devices.

We may need to know this vpn. Where does it connect or end point at? What vpn is it? I assume you mean you have a vpn to this cisco router. Can you access the router at all?

kevinlyfellow 06-28-2014 12:42 PM
Ping works when connected locally (the switch on site) as does ssh. I have no access to the router, but I did run wireshark and found that packets are being sent to it but it is not responding to the packets(so it's not the router).

It's Cisco's AnyConnect vpn and I don't have access to the router. I've also been trying ssh over the network as well, so it's not just icmp.

An example of what I see from wireshark:
TCP packet from 10.192.0.6 to 10.192.25.245 (my linux computer) with no response

Thanks for the reply

jefro 06-28-2014 04:09 PM
I may be all wrong on this an maybe someone else has better ideas.

If you can't configure the router then I think you'd be out of luck trying to nat any connection.

A very general how to includes this.
"access-list NAT-EXEMPT extended permit ip 192.168.100.0 255.255.255.0 192.168.104.0 255.255.255.0
tunnel-group VPN general-attributes
address-pool AnyConnect (the address pool you created earlier)"

http://www.techrepublic.com/blog/smb...isco-asa-5505/


All times are GMT -5. The time now is 07:28 AM.