Unanswered Question
Dec 21st, 2008

We have an ASA 5550 at the Headquarter. We already setup Remote Access VPN (using Cisco VPN client). We also setup Split-tunneling and assign private IP addresses (2000 hosts).

We want to setup Site-to-Site VPN. Is it possible to setup a site-to-site VPN with Split-tunneling? Do you recommend using a different IP address pool from the Remote Acess VPN? Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Mon, 12/22/2008 - 09:53


It is certainly possible to configure and run both Remote Access VPN and Site to Site VPN in the same ASA. And it is possible for the Site to Site to support split tunneling.

I am not sure about the part of your question asking about address pool since a site to site VPN does not usually use an address pool. In Site to Site VPN each site manages their own addresses and part of what you need to do for Site to Site is to configure an access list which will identify the traffic to go through the VPN and to be protected by IPSec.




This Discussion