lwapp deployment over site to site vpn

Unanswered Question
Jul 9th, 2008

I'm having an issue with traffic flow from my wireless clients over an L2L VPN back to my core. On the core side of my tunnel exist the 10.0.0.0/8 subnets; the remote side is 172.24.0.0/16. I have no issues with traffic destined from my core to these remote 172.24.0.0 subnets. My issue is that I have 2 LWAP APs at this remote site connected to a controller back at my core. When clients connect to my wireless networks they receive a 10.200.0.0/16 IP address. This obviously works fine on the core side. My question is: when my wireless clients on the remote side of the tunnel receive a 10.200.0.0/16 IP, how can I make that work across the tunnel, as I now have devices on the same subnet on both sides of the tunnel? I'm sure there is a way, I'm just not sure how to configure it. I have an ASA5520 at the core and an ASA5505 at the remote site terminating the VPN. Thanks.






bmarms Fri, 07/11/2008 - 04:55

An update on this issue. I have attached a diagram of my layout. Also, I noticed on the ASA 5505 there is a PAT xlation for my wireless client, 10.200.x.x/16, to the outside interface IP of the 5505. Should this be the case, as this traffic should be passed through the GRE tunnel established by the AP, which is inside my IPsec L2L tunnel between the ASAs? I'm not sure why I am seeing this PAT xlation.


