03-27-2008 01:27 PM - edited 03-11-2019 05:23 AM
We have a site-to-site vpn with our London site and they need access to a webserver in our DMZ. I haven't had any trouble getting our remote vpn users access, but am unable to connect the London office to the webserver.
Attached are the configs I implemented.
Thanks in advance.
03-27-2008 01:48 PM
Add the traffic to the nat exemption acl for the dmz and also for the crypto acl for the interesting traffic for the l2l tunnel.
access-list No-NAT-DMZ extended permit ip
access-list
03-27-2008 02:06 PM
in the second access list, i added:
access-list DMZ_cryptomap extended permit ip 172.16.110.0 255.255.255.0 192.168.0.0 255.255.255.0
access-list DMZ_cryptomap extended permit ip 172.16.110.0 255.255.255.0 192.168.10.0 255.255.255.0
Would this be correct?
Thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: