Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
358
Views
4
Helpful
2
Replies

VPN client could not able to conect other site

vchauhan12345
Level 1
Level 1

‎09-05-2007 05:30 AM - edited ‎03-11-2019 04:07 AM

Hi,

we are using site to site vpn between three sites/offices using ASA 5510.Now for outside connection, we have configured remote vpn and its working fine with the local site where its connecting/terminated but could not able to ping/connect other 2 remote sites which are working fine on L2l vpn.

Labels:
0 Helpful
2 Replies 2

cpembleton
Level 4
Level 4

‎09-09-2007 05:22 AM

You need to add the spoke to spoke networks to the acl's for ipsec and nonat traffic matching. On both ends of the L2L tunnels. Also, if your doing split-tunneling add the networks to that acl as well.

Then you need this command to allow haripining.

same-security-traffic permit intra-interface

See these links for detail instructions on doing spoke->spoke tunnels.

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_configuration_example09186a008046f307.shtml

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_configuration_example09186a00804675ac.shtml

Thanks,

Chad

Please rate if helpful!

vchauhan12345
Level 1
Level 1
In response to cpembleton

‎09-10-2007 02:45 AM

Hi cpembleton,

Thanks for the update.

It's solve all our problems

Thanks Again.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card