LAN Routing
cancel
Showing results for 
Search instead for 
Did you mean: 

VPN issue HP Procurve Secure Router 7102dl

 
JarredC
Occasional Visitor

VPN issue HP Procurve Secure Router 7102dl

I am having an issue getting to the vpn attached network from a sub-interface network on a Procurve 7102dl Secure Router.

 

The setup is as follows:

Remote site connects to a 71020DL secure router via a Netgear Prosafe VPN firewall appliance. The remote site connects  as expected to eth 0/1 (Public) and is accessible from traffic coming from eth 0/2.1 (Private 192.168.x.x) on the Procurve.

 

Traffic coming from eth 0/2.4 (Private 10.1.x.x) on the procurve can not see the remote site. Can not ping or trace route to the remote network. Both time out. A check of the policy "Data" during a ping shows its attempting to go out the public interface.

 

I have added the 10.x.x.x network to the vpn access list statement (see below) without any luck. I have also added the same allow statement on the Policy connected to the 0/2.4 interface as is on the Policy connected to interface 0/2.1. That didn't do the trick either. Any ideas?

 

interface eth 0/1
  description
  ip address  66.x.x.x  255.255.255.252
  access-policy Public
  crypto map VPN
  no shutdown

 

interface eth 0/2.1
  description MMH Private Network sub int
  vlan-id 1 native
  ip address  192.168.10.2  255.255.255.0
  ip rip receive version 2
  ip rip send version 2
  access-policy Private
  no shutdown

interface eth 0/2.4
  description Production Gateway Voice and Data .1
  vlan-id 10
  ip address  10.1.0.2  255.255.252.0
  access-policy DATA

 

ip access-list extended VPN-10-vpn-selectors
  permit ip any  192.168.0.0 0.0.255.255     log
  permit ip any  10.0.0.0 0.255.255.255     log
  deny   ip any  any

ip policy-class Public
  allow reverse list VPN-10-vpn-selectors stateless

ip policy-class Public
  allow reverse list VPN-10-vpn-selectors stateless


ip policy-class Data
  allow reverse list VPN-10-vpn-selectors stateless