

VPN implementing

Posted on 2009-02-22
Medium Priority
Last Modified: 2012-05-06
VLAN user is supposed to access VPN.
He is able to ping to, he cannot access the VPN servers.

But TestUser is able to access VPN because he is directly connected to VPN network.

How can I set up VLANUser to be able to connect to VPNServers without using Cisco VPN Client?
Question by:ammadeyy2020

Author Comment

ID: 23704470
The requirement is that VLANUser should be able to access both VPN and LAN at the same time.
LVL 13

Expert Comment

ID: 23704874
What is VLAN User's GW?
You have 2 firewalls shown on 2 different subnets.

Author Comment

ID: 23708011
VLAN users GW is
Juniper firewall is VPN firewall
Linux firewall is internet firewall for VLAN Users

LVL 13

Expert Comment

ID: 23708459
That subnet ( is not shown on the diagram.
Maybe the 3750 is doing routing?
I suspect the 2 users are using different exit points (firewalls).
Run a trace to the VPN server on both of them to compare.

Author Comment

ID: 23708480
The switch is connected to the Linux Firewall, there are many VLANs created, and those clients' gateway is their VLAN gateway.

Expert Comment

ID: 23711386
As both are private IP addresses.
Most probably test user accesses the internet using a NAT rule (besides ACL).
And VLAN user is not included in the NAT rule on your Juniper.

Accepted Solution

Sniper98G earned 2000 total points
ID: 23728609
It seems that you are attempting to have the user connect from the private side of the VPN through to the public side. Is your VPN currently configured to accept connections from its private interface and do you have an appropriate group (one which will provide the user with an outside IP) configured? If so, is your user using the proper credentials for that group?

Also, in order to use both networks simultaneously you would need to have a VPN client that supports split tunneling (like Cisco VPN client) and have split tunneling allowed as an option in the VPN profile on your end point.

Question has a verified solution.
