IPSec Hairpinning

Unanswered Question
Oct 22nd, 2008
User Badges:

We have ASA 5510 which terminate Remote VPN clients as CVPN client and also hardware base client (Cisco IOS routers). How can we do that CVPN client when a connected to ASA has access at remote sites (through ASA, hub-spoke) which connected with hardware VPN clients (which work in auto mode with network extension). Is it possible?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mljevakovic Wed, 10/22/2008 - 03:56
User Badges:

We have an IP pool for CVPN clients: but hardware clients have own LAN networks for example:, 192.168.3./24 etc. What must I do in this case?

The encryption domains must include the to be able to encrypted and decrypted from the remote sites.

Something like:-

access-list vpn-site-a permit ip

access-list vpn-site-b permit ip



This Discussion