04-17-2007 06:58 AM - edited 02-21-2020 02:58 PM
I've been troubleshooting a problem and can't get over a hurdle. The ASA is running ASA running 7.2(1)24 code. I'm trying to use a client VPN tunnel to connect to the ASA. The ASA already has a LAN-to-LAN tunnel set up and functioning, and I need the client VPN to access the remote site over the LAN-to-LAN tunnel.
The internal IP address of the local side is 192.168.0.0/24 and the IP of the remote LAN-to-LAN tunnel is 172.20.1.0/24. The clients are handed out 192.168.200.0/24 IPs. I've attached the relevant configuration for the ASA.
When the client VPNs into the network, I can access the resources on the ASA's internal network. Users on the ASA's internal network can access resources across the LAN-to-LAN tunnel. Client VPNs cannot access resources over the LAN-to-LAN tunnel. For the latter, there are no hits on the C-TEST access list.
Thank you for your assistance.
Solved! Go to Solution.
04-17-2007 07:24 AM
try adding...
same-security-traffic permit intra-interface
04-17-2007 07:24 AM
try adding...
same-security-traffic permit intra-interface
04-17-2007 07:46 AM
We have the exact same issue however we are running pix 6.3(5). Is there a command in this release to do the same?
04-17-2007 08:06 AM
Unfortunately no.
04-17-2007 12:21 PM
This solved the problem. By the way, where do you go to mark this as the solution?
04-17-2007 12:23 PM
It's already marked, I guess you figured it out. Glad it helped.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: