08-18-2008 02:30 AM - edited 02-21-2020 03:53 PM
I hope somebody can helping my with this one:
I have make two VPN IPSEC tunnels from different location and terminate it on the ASA 5505. (VPN A and VPN C)
Is it possible to forwarding traffic from location A through the ASA5505 (Location B) and then through Location C.
Location A 192.168.10.0/24
Location B 192.168.125.0/24
Location C 172.30.10.0/24
I want make an connection from 192.168.10.0/24 to 172.30.10.0/24 through the two VPN`s.
Kind Regards
08-18-2008 04:09 AM
Bart,
Yes it's very possible, just configure the below into the ASA5505:-
same-security-traffic permit intra-interface
Also be sure to amend your no-nat rules, to and from the network subnets.
HTH>
08-18-2008 06:54 AM
see the following link will guid u step by step to achive what u want
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807f9a89.shtml
good luck
please, if helpful Rate
08-18-2008 07:49 AM
Bart
To receive traffic from a VPN (or other source) on an interface and to then send that traffic back out the same interface is sometimes referred to as hairpinning and is what is required to support connection from A to C. By default the ASA does not allow hairpinning. But there are configuration commands that you can use to enable this. Try these commands on your ASA:
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
They should permit the traffic from A to C.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide