08-18-2008 02:30 AM - edited 02-21-2020 03:53 PM
I hope somebody can helping my with this one:
I have make two VPN IPSEC tunnels from different location and terminate it on the ASA 5505. (VPN A and VPN C)
Is it possible to forwarding traffic from location A through the ASA5505 (Location B) and then through Location C.
Location A 192.168.10.0/24
Location B 192.168.125.0/24
Location C 172.30.10.0/24
I want make an connection from 192.168.10.0/24 to 172.30.10.0/24 through the two VPN`s.
Kind Regards
08-18-2008 04:09 AM
Bart,
Yes it's very possible, just configure the below into the ASA5505:-
same-security-traffic permit intra-interface
Also be sure to amend your no-nat rules, to and from the network subnets.
HTH>
08-18-2008 06:54 AM
see the following link will guid u step by step to achive what u want
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807f9a89.shtml
good luck
please, if helpful Rate
08-18-2008 07:49 AM
Bart
To receive traffic from a VPN (or other source) on an interface and to then send that traffic back out the same interface is sometimes referred to as hairpinning and is what is required to support connection from A to C. By default the ASA does not allow hairpinning. But there are configuration commands that you can use to enable this. Try these commands on your ASA:
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
They should permit the traffic from A to C.
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: