I have several ASA-5500-series devices deployed to our various locations. Remote users VPN in to our main office's ASA-5510, but recently they've needed access to the network resources that are available on the site-to-site VPNs. However, remote users are not able to access anything on the site-to-site VPNs, and I'm sure there's some reconfiguration I need to do before it's possible. However, all my attempts thus far have been unsuccessful. Is this possible, and if so, what do I need to reconfigure to make this work? Thanks!
Yes, this is possible.
You need to...
1. enable "same-security-traffic permit intra-interface"
2. Add the traffic from the VPN client subnet to the interesting traffic for the lan2lan tunnel on the local and remote firewalls.
3. If using split tunneling, ensure the remote network you require access to is being tunneled.
This may also help...
Please rate helpful posts.
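The three steps in the answer above, sketched as ASA configuration. This is an added example, not part of the original posts. All subnets and the ACL, crypto map and group-policy names are constructed placeholders, and it assumes an existing lan2lan tunnel whose crypto map entry is sequence 10.

```cisco
! Constructed addressing (assumptions, not from the thread):
!   VPN client pool    10.10.10.0/24
!   Main office LAN    192.168.1.0/24
!   Remote site LAN    192.168.2.0/24
! L2L_TO_SITEB, L2L_TO_MAIN, SPLIT_TUNNEL, OUTSIDE_MAP and REMOTE_USERS
! are hypothetical names; substitute the ones already in your config.

! ===== Main office ASA (terminates the remote-access VPN) =====

! Step 1: let client traffic enter and leave the same (outside) interface
same-security-traffic permit intra-interface

! Step 2: interesting traffic for the lan2lan tunnel.
! The first line is the existing LAN-to-LAN entry; the second adds the VPN pool.
access-list L2L_TO_SITEB extended permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list L2L_TO_SITEB extended permit ip 10.10.10.0 255.255.255.0 192.168.2.0 255.255.255.0
crypto map OUTSIDE_MAP 10 match address L2L_TO_SITEB

! Step 3: with split tunneling, the remote site LAN must be in the tunneled list
access-list SPLIT_TUNNEL standard permit 192.168.1.0 255.255.255.0
access-list SPLIT_TUNNEL standard permit 192.168.2.0 255.255.255.0
group-policy REMOTE_USERS attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_TUNNEL

! ===== Remote site ASA =====

! Step 2 (remote side): mirror image of the main office crypto ACL,
! so return traffic to the VPN pool is also encrypted into the tunnel.
access-list L2L_TO_MAIN extended permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list L2L_TO_MAIN extended permit ip 192.168.2.0 255.255.255.0 10.10.10.0 255.255.255.0
crypto map OUTSIDE_MAP 10 match address L2L_TO_MAIN
```

Keep the added entries scoped to the VPN pool and the specific remote subnet rather than `any`, so the hairpin exposes only what remote users need. `show crypto ipsec sa` on either ASA shows whether a security association for the pool-to-remote-LAN pair has formed.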