07-14-2009 06:12 AM
Hi guys,
I'm using an ASA 5510 with a few branches connected via site-to-site VPN.
When I remote VPN into the HQ network, I can't access my branch networks.
How can I configure it so that I can access them via remote VPN?
Please advise. Thanks
07-14-2009 07:59 AM
This link should help to accomplish your requirements.
Regards
07-14-2009 08:09 AM
Thanks for the reply.
From my ASA, the remote site is connected via an 877 router.
For example, my VPN client IP address is 192.168.1.0/24
HQ 192.168.2.0/24
Branch 192.168.3.0/24
After reading through the forum solution,
the way out is to add another network to my 877 router to allow access from the VPN client pool network, and also to include tunneling of 192.168.3.0 on my ASA.
But this doesn't seem to work, and I tried rebooting my 877.
Is there any important step that I missed?
Please enlighten. Thanks
07-14-2009 09:43 AM
OK, you have
ASA->L2L<-877RT
The RA VPN terminates on the ASA, right? If so,
you add, in the nonat rule at the 877RT for the L2L, the ASA RA VPN pool network as interesting traffic to be part of the L2L policy.
When RA VPN clients connect to the ASA, as long as the L2L is up, RA VPN clients should be able to access resources in the 877RT LAN.
You may also need the same-security-traffic permit intra-interface command on the ASA.
Please correct me if I'm thinking of your topology wrong.
Regards
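
The hairpin setup discussed in this thread, written out as an added configuration example (not posted by any participant). It uses the subnets given above (RA pool 192.168.1.0/24, HQ 192.168.2.0/24, branch 192.168.3.0/24); the ACL names and numbers are hypothetical and stand in for whatever the existing crypto map, split-tunnel policy and NAT rule already reference.

```cisco
! ---- ASA 5510 (HQ: terminates both the RA VPN and the L2L tunnel) ----
! Let traffic that arrives on the outside interface (from an RA client)
! leave again through the same interface (into the L2L tunnel).
same-security-traffic permit intra-interface

! Crypto ACL matched by the L2L crypto map (hypothetical name L2L-BRANCH):
! the existing HQ entry plus the RA pool as a second source network.
access-list L2L-BRANCH extended permit ip 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list L2L-BRANCH extended permit ip 192.168.1.0 255.255.255.0 192.168.3.0 255.255.255.0

! Only when the RA group uses split tunneling (hypothetical name RA-SPLIT):
! the branch subnet has to be in the list, or clients never send it to the ASA.
access-list RA-SPLIT standard permit 192.168.2.0 255.255.255.0
access-list RA-SPLIT standard permit 192.168.3.0 255.255.255.0

! ---- 877 router (branch) ----
! Crypto ACL matched by the L2L crypto map (hypothetical number 110).
! It must mirror the ASA entries exactly, or the second proxy pair
! is rejected during phase 2 negotiation.
access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255

! NAT exemption ACL referenced by the existing NAT overload rule
! (hypothetical number 120): replies to the RA pool must not be translated.
access-list 120 deny   ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 120 deny   ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 120 permit ip 192.168.3.0 0.0.0.255 any
```

Once an RA client sends traffic to the branch, `show crypto ipsec sa` on either device should list a separate SA pair for 192.168.1.0/24 and 192.168.3.0/24; if only the HQ pair appears, compare the two crypto ACLs entry by entry.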