No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Through the NAT dodge L2tp address pool and internal network cannot in a network segment

Publication Date:  2019-07-18 Views:  92 Downloads:  0

Issue Description

Internal network-----LNS-----external network------client 
 Private user through the client software dialing in successfully, but it is unable to access internal network resources, the internal network is whole the province connected network, operating OSPF.

Alarm Information


Handling Process

1, from the customer known that the other users of the internal network can access resources normally, eliminate resources own problem.
2, because the customer have dialed successfully, dial-up parameter basic is right, through questioning known that the address pool is in the same network segment with the internal network which connected with firewall, after changed the address pool to another network segment, the problem is temporary solved.
3, customer reflect that can’t access other network segment resources, considering that the customer is in OSPF province network, which can't literally add routing, only try to let the post-dialed address and the firewall interface in a same network segment.
4, address pool can't be changed, but if wants to change the accessed internal network address, can use NAT, use it in trust and untrust direction, after testing, can access to normally.

Root Cause

1, resources itself has not opened authority
2, L2TP is not configured properly
3, there is no routing


NAT inbound is used not too much, but in no routing or not inconvenient to add new routing cases, the effect is obvious.