Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
282
Views
0
Helpful
1
Replies

Site-to-site VPN with 3 sites

AlexSzigetvary
Level 1
Level 1

‎03-13-2008 08:44 AM

I have 3 sites. On each site there is a ASA5505 resp. 5510.

I have a working ipsec tunnel between site A and B, and between B and C. What I am looking for is a way to pass traffic between A and C without creating an own tunnel between A and C. So somehow a way that the ASA on site B routes the traffic from tunnel site A to the tunnel site C.

Is that possible?

Any hints are very welcome.

Alex

Labels:
0 Helpful
1 Reply 1

acomiskey
Level 10
Level 10

‎03-13-2008 09:30 AM

Yes, this is possible.

Here is a doc describing how to do it with remote access vpn to site to site. You can do it the same way with site to site instead of remote access.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008046f307.shtml

Basically you just need to add the interesting traffic to the tunnels, add the extra nat exemption to the tunnels, and apply same-security-traffic permit intra-interface to site B.

Post up some configs if you need help.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents