How to enable "hairpinning" on ASA5510

Unanswered Question
May 19th, 2008
User Badges:

dear sir

I have Remote IPSec VPN configured on ASA5510, but we need to lets a VPN client send IPSec-protected traffic to another VPN user, something called "hairpinning",

anyway, I've configured following the manual:

1,same-security-traffic permit intra-interface

2,access-list vpn permit ip

3,nat (outside) 0 access-list vpn

but it does not work, attached as my configuration, who can check for me?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
acomiskey Mon, 05/19/2008 - 05:10
User Badges:
  • Green, 3000 points or more

Your split tunnel acl is only encrypting traffic to I think you should add

access-list Mukdahan_splitTunnelAcl standard permit

acomiskey Mon, 05/19/2008 - 05:23
User Badges:
  • Green, 3000 points or more

Good to hear, thanks for the rate.


This Discussion