05-19-2008 03:57 AM - edited 03-09-2019 08:43 PM
dear sir
I have Remote IPSec VPN configured on ASA5510, but we need to lets a VPN client send IPSec-protected traffic to another VPN user, something called "hairpinning",
anyway, I've configured following the manual:
1,same-security-traffic permit intra-interface
2,access-list vpn permit ip 172.16.99.0 255.255.255.0 172.16.99.0 255.255.255.0
3,nat (outside) 0 access-list vpn
but it does not work, attached as my configuration, who can check for me?
Thanks
tom
05-19-2008 05:10 AM
Your split tunnel acl is only encrypting traffic to 192.168.1.0. I think you should add 172.16.99.0.
access-list Mukdahan_splitTunnelAcl standard permit 172.16.99.0 255.255.255.0
05-19-2008 05:18 AM
great, it's work.
thank you very much
05-19-2008 05:23 AM
Good to hear, thanks for the rate.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: