Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

VPN client could not able to conect other site

Unanswered Question
Sep 5th, 2007
User Badges:


we are using site to site vpn between three sites/offices using ASA 5510.Now for outside connection, we have configured remote vpn and its working fine with the local site where its connecting/terminated but could not able to ping/connect other 2 remote sites which are working fine on L2l vpn.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
cpembleton Sun, 09/09/2007 - 05:22
User Badges:
  • Silver, 250 points or more

You need to add the spoke to spoke networks to the acl's for ipsec and nonat traffic matching. On both ends of the L2L tunnels. Also, if your doing split-tunneling add the networks to that acl as well.

Then you need this command to allow haripining.

same-security-traffic permit intra-interface

See these links for detail instructions on doing spoke->spoke tunnels.





Please rate if helpful!

vchauhan12345 Mon, 09/10/2007 - 02:45
User Badges:

Hi cpembleton,

Thanks for the update.

It's solve all our problems

Thanks Again.


This Discussion