
remote users access ipsec tunnel site

yayasolenet
Level 1

How do I configure the ACL and route to allow remote users to access the IPsec site like local users?

The current scenario is:

1. Remote users (192.168.2.0/24) IPsec <-> Cisco 870 (192.168.0.0/24)

2. Cisco 870 (192.168.0.0/24) IPsec tunnel <-> Cisco 1811 (10.0.0.0/24)

Now remote users can access the 192.168.0.0 network without problems, but how can they access the 10.0.0.0 network?

I assume I can do like this:

1. In the Cisco 870, site-to-site tunnel: permit ip 192.168.0.0 0.0.0.255 10.0.0.0 0.0.0.255

(add) permit ip 192.168.2.0 0.0.0.255 10.0.0.0 0.0.0.255

2. In the Cisco 1811 site-to-site VPN:

(add) permit ip 10.0.0.0 0.0.0.255 192.168.2.0 0.0.0.255

3. In the split VPN settings on the Cisco 870, add network 10.0.0.0/24

Is that right?

Thanks.


Accepted Solutions


jbayuka
Level 5

You need to configure the interesting traffic in such a way that an ACL contains the source as the remote LAN and the destination as the local LAN.
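
A check for the change discussed in this thread, as an added example that is not from either poster: it parses the `permit ip` lines of the crypto ACLs on both tunnel peers and reports any selector that has no entry with source and destination swapped on the other side. The ACL text is constructed from the addresses in the question, and only the `permit ip <net> <wildcard> <net> <wildcard>` form is handled.

```python
import ipaddress
import re

# Constructed crypto ACL bodies using the question's addresses. The 870 has
# the proposed step 1 addition; the 1811 does not yet have the step 2 addition.
ACL_870 = """
permit ip 192.168.0.0 0.0.0.255 10.0.0.0 0.0.0.255
permit ip 192.168.2.0 0.0.0.255 10.0.0.0 0.0.0.255
"""
ACL_1811 = """
permit ip 10.0.0.0 0.0.0.255 192.168.0.0 0.0.0.255
"""
STEP_2_ADDITION = "permit ip 10.0.0.0 0.0.0.255 192.168.2.0 0.0.0.255\n"

ENTRY = re.compile(r"^\s*permit\s+ip\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s*$")


def to_network(addr, wildcard):
    """Turn an IOS address/wildcard pair into an IPv4 network."""
    wc = int(ipaddress.IPv4Address(wildcard))
    if wc & (wc + 1):  # wildcard bits must be one contiguous low-order run
        raise ValueError(f"non-contiguous wildcard: {wildcard}")
    return ipaddress.ip_network((addr, 32 - wc.bit_length()), strict=False)


def parse(acl_text):
    """Return the set of (source, destination) networks in an ACL body."""
    entries = set()
    for line in acl_text.splitlines():
        m = ENTRY.match(line)
        if m:
            entries.add((to_network(m[1], m[2]), to_network(m[3], m[4])))
    return entries


def unmirrored(local_acl, peer_acl):
    """Local selectors with no swapped (destination, source) entry on the peer."""
    peer = parse(peer_acl)
    return sorted((s, d) for s, d in parse(local_acl) if (d, s) not in peer)


if __name__ == "__main__":
    for src, dst in unmirrored(ACL_870, ACL_1811):
        print(f"870 protects {src} -> {dst}, but the 1811 has no {dst} -> {src}")
    print("after step 2:", unmirrored(ACL_870, ACL_1811 + STEP_2_ADDITION))
```
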
