Using a Cisco Router or Firewall, which can connect to remote VPN's but cannot ping the internal network.



Then maybe you should read over the following guide.   I have been searching through the internet reading forums and it seems a lot of people are having issues with this, including myself.   I sit behind a Cisco ASA 5505 and i connect to a lot of clients through a remote VPN connections.  I can connect no problems and have a secure connection, but I am unable to ping the inside network (LAN).  I have tested the issue without my Cisco router and it connects no problem. 

So now that we have taken any form of wrong VPN settings out of the equation, we only leave a few more things to investigate.

If you're behind a device performing NAT (ie Cisco ASA or PIX) you will then need to allow the tunnel destination for NAT traversal (Click here to learn about NAT)


So if you are Sitting behind Router A and you would like to connect via remote VPN to Router B.  You would need to enable the isakmp nat-travesal command on Router B.


To add the following command to your Cisco ASA or PIX you will need the following:

 - Access to the destination ASA or PIX

 - A computer with Telnet, SSH or Serial connection to the destination PIX or ASA




Step 1:  Connect Via SSH, Telnet or Serial to the ASA or PIX

Step 2: Type enable and enter enable password

Step 3: Type "configure terminal"

Step 4: Type the following command " isakmp nat-traversal"

Step 5: " Type "wr" Which will save your configuration

Step 6: Close Terminal

Step 7: Connect to remote VPN connection and try Ping