04-17-2007 06:58 AM - edited 02-21-2020 02:58 PM
I've been troubleshooting a problem and can't get over a hurdle. The ASA is running ASA running 7.2(1)24 code. I'm trying to use a client VPN tunnel to connect to the ASA. The ASA already has a LAN-to-LAN tunnel set up and functioning, and I need the client VPN to access the remote site over the LAN-to-LAN tunnel.
The internal IP address of the local side is 192.168.0.0/24 and the IP of the remote LAN-to-LAN tunnel is 172.20.1.0/24. The clients are handed out 192.168.200.0/24 IPs. I've attached the relevant configuration for the ASA.
When the client VPNs into the network, I can access the resources on the ASA's internal network. Users on the ASA's internal network can access resources across the LAN-to-LAN tunnel. Client VPNs cannot access resources over the LAN-to-LAN tunnel. For the latter, there are no hits on the C-TEST access list.
Thank you for your assistance.
Solved! Go to Solution.
04-17-2007 07:24 AM
try adding...
same-security-traffic permit intra-interface
04-17-2007 07:24 AM
try adding...
same-security-traffic permit intra-interface
04-17-2007 07:46 AM
We have the exact same issue however we are running pix 6.3(5). Is there a command in this release to do the same?
04-17-2007 08:06 AM
Unfortunately no.
04-17-2007 12:21 PM
This solved the problem. By the way, where do you go to mark this as the solution?
04-17-2007 12:23 PM
It's already marked, I guess you figured it out. Glad it helped.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide