04-15-2009 05:59 PM - edited 03-11-2019 08:19 AM
How do you 'tell' the ASAs to build an IPSEC tunnel? How do you configure the above for "interesting traffic"? If we want the users on the remote site to click the Outlook icon to have access to the Exchange server at HQ via L2L tunnel, how is thus done?
Solved! Go to Solution.
04-15-2009 06:52 PM
Said,
I assume this is your first time in building a L2L ipsec tunnel between two devices.
Building the tunnel is rather straight forward as long you follow carefully a set of Ipsec rules and policies required to coninside and agree at both ends of the tunnel termination.
I suggest to look at these two links, the first and second link are examples of simple L2L VPN between two firewalls.
L2L ASA to ASA ipsec tunnels
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080950890.shtml
This link bellow will help you understand the syntax used to build Ipsec tunnels in general.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094203.shtml
Once you have built the Ipsec tunnel policy at both ends seen in the fisrt link example provided the interesting traffic is trigger by accessing the host/outlook server in the HQ from the branch office based on the access list configured on the tunnel policy, in other words,interesting traffic simply means the users in branch office initiate some type of traffic such as a ping or any type of traffic towards the host/outlook server in HQ to bring up the ipsec tunnel
Regards
04-15-2009 06:52 PM
Said,
I assume this is your first time in building a L2L ipsec tunnel between two devices.
Building the tunnel is rather straight forward as long you follow carefully a set of Ipsec rules and policies required to coninside and agree at both ends of the tunnel termination.
I suggest to look at these two links, the first and second link are examples of simple L2L VPN between two firewalls.
L2L ASA to ASA ipsec tunnels
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080950890.shtml
This link bellow will help you understand the syntax used to build Ipsec tunnels in general.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094203.shtml
Once you have built the Ipsec tunnel policy at both ends seen in the fisrt link example provided the interesting traffic is trigger by accessing the host/outlook server in the HQ from the branch office based on the access list configured on the tunnel policy, in other words,interesting traffic simply means the users in branch office initiate some type of traffic such as a ping or any type of traffic towards the host/outlook server in HQ to bring up the ipsec tunnel
Regards
04-15-2009 06:57 PM
Thank you.
04-15-2009 07:12 PM
Said, you're welcome.. thanks for rating..
if any issues drop us a note to assist.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide