Remote Access VPN

Hi, I have an accessabilty issue with a remote access VPN connection.
The remote access user can http and ftp to the Web server & FTP server, but when the remote access user connects to the VPN on the router at 72.44.20.14,
it cannot access the Web server or FTP Server. It can ping 192.168.100.73, but not .74. The Web Server IP address is 192.168.5.5 /29
I am not sure if I have to configure an access list to allow HTTP, FTP, & SSH traffic through the VPN, or if there is something else thats needs to be configured.
This is the config I have:


VPN / NAT ROUTER


int fa0/0
 ip address 192.168.100.13 255.255.255.252
 exit
!
int fa0/1
 ip address 192.168.100.70 255.255.255.252
 exit
!
int fa1/0
 ip address 192.168.100.5 255.255.255.252
 exit
!
int fa1/1
 ip address 192.168.100.1 255.255.255.252
 exit
!
int lo1
 description REMOTE ACCESS TO R1
 ip address 1.1.1.1 255.255.255.255
 exit
!
! 
aaa new-model
aaa authentication login REMOTE local
aaa authorization network REMOTE local
!
username xxxx secret xxxx
!
crypto isakmp policy 10
encryption aes 256
hash md5
authentication pre-share
group 2
lifetime 21600
exit
!
crypto isakmp client configuration group REMOTE 
key CISCO
pool VPN-POOL
!
ip local pool VPN-POOL 192.168.5.1 192.168.5.10
!
crypto ipsec transform-set VPN-SET esp-aes 256 esp-md5-hmac
!
crypto dynamic-map VPN-MAP 10
set transform-set VPN-SET 
reverse-route
exit
!
crypto map CLIENT-MAP client authentication list REMOTE
crypto map CLIENT-MAP isakmp authorization list REMOTE
crypto map CLIENT-MAP client configuration address respond
crypto map CLIENT-MAP 10 ipsec-isakmp dynamic VPN-MAP
!
int fa0/0
crypto map CLIENT-MAP
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 
!
router ospf 1
 router-id 100.1.1.1
 network 1.1.1.1 0.0.0.0 area 0
 network 192.168.100.1 0.0.0.0 area 0
 network 192.168.100.5 0.0.0.0 area 0
 network 192.168.100.13 0.0.0.0 area 0
 network 192.168.100.70 0.0.0.0 area 0
!
auto-cost reference-bandwidth 100
!
ip nat inside source list NAT-TRANSLATIONS interface FastEthernet0/0 overload
!
ip nat inside source static tcp 192.168.5.5 80 72.44.20.14 80 
ip nat inside source static tcp 192.168.5.5 443 72.44.20.14 443 
ip nat inside source static tcp 192.168.5.5 80 72.44.30.14 80 
ip nat inside source static tcp 192.168.5.5 443 72.44.30.14 443 
ip nat inside source static tcp 192.168.5.6 20 72.44.20.14 20 
ip nat inside source static tcp 192.168.5.6 21 72.44.20.14 21 

DMZ Switch


ip routing 
!
vlan 200
 name SSH-TO-DMZ-VPN-NAT-SWITCH
!
interface Vlan200
 ip address 192.168.200.41 255.255.255.248
!
vlan 5
name DMZ_VLAN
!
int vlan 5
 ip address 192.168.5.1 255.255.255.248
!
int range fa0/5 - 6
 switchport mode access
 switchport access vlan 5
!
int fa0/1
 no switchport
 ip address 192.168.100.69 255.255.255.252
!
int fa0/24
 no switchport
 ip address 192.168.100.74 255.255.255.252
!
int lo1
 description REMOTE-ACCESS-TO-L3-DMZ-SW
 ip address 66.66.66.66 255.255.255.255
 exit
!
ip route 0.0.0.0 0.0.0.0 192.168.100.73
!
router ospf 1
 router-id 200.6.6.6
 network 66.66.66.66 0.0.0.0 area 0
 network 192.168.200.41 0.0.0.0 area 0
 network 192.168.5.0 0.0.0.255 area 0
 network 192.168.100.69 0.0.0.0 area 0
 network 192.168.100.74 0.0.0.0 area 0

A post was merged into an existing topic: Cisco IPsec Easy VPN Configuration