A Cisco Easy VPN software client is unable to access its local LAN devices once the VPN tunnel is established.
How can this issue be resolved?
Click on the arrows to vote for the correct answerA. B. C. D. E.
When a Cisco Easy VPN software client is unable to access its local LAN devices once the VPN tunnel is established, the issue can be resolved by following these steps:
A. Verify that the IP address assigned by the Cisco Easy VPN Server to the client is on the same network as the local LAN of the client. If it is not, the client will not be able to communicate with the local LAN devices.
B. The Cisco Easy VPN Server should apply a split-tunnel-policy that excludespecified, with a split-tunnel-list containing the local LAN addresses that are relevant to the client. This allows the client to access its local LAN devices while connected to the VPN, while still routing other traffic over the VPN tunnel.
C. The Cisco Easy VPN Server must push down an interface ACL that permits the traffic to the local LAN from the client. This ACL should allow traffic from the VPN client's IP address to the local LAN subnet.
D. If the VPN client needs to access all resources on the local LAN, the Cisco Easy VPN Server should apply a split-tunnel-policy of tunnelall to the client. This policy routes all traffic, including local LAN traffic, over the VPN tunnel.
E. Having multiple NICs on the Cisco Easy VPN client machine will not resolve the issue, as the problem is typically related to routing or access control.
In summary, the issue can be resolved by ensuring that the client's IP address is on the same network as the local LAN, applying a split-tunnel-policy that excludespecified with a split-tunnel-list containing the local LAN addresses, pushing down an interface ACL that permits traffic to the local LAN, or applying a split-tunnel-policy of tunnelall if necessary.