cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
434
Views
0
Helpful
3
Replies

Access site-site vpn via remote vpn

robbie.teo
Level 1
Level 1

Hi guys,

I'm using asa 5510 with a few branches connected via site-site vpn.

When remote vpn into HQ network, i can't access to my branches network.

How can i configure in order for me to access them via remote vpn?

Please advice. Thanks

3 Replies 3

Thanks for the reply.

from my asa to remote site is connected via 877 router.

For example, my VPN client ip address is 192.168.1.0/24

HQ 192.168.2.0/24

Branch 192.168.3.0/24

After reading thru the forum solution,

the way out is like adding another network to my 877 router to allow access from vpn client pool network and also include tunneling of 192.168.3.0 on my asa.

But these doesn't seems to work and i tried rebooting my 877.

Is there any impt step that i miss out?

Please alighten. Thanks

Ok you have

ASA->L2L<-877RT

VPN RA terminates in ASA right? if so

you add in nonat rule at 877RT for the L2L the ASA RA vpn pool network as interesting traffic to be part of the L2L policy.

When RA vpn clients connect to ASA as long the L2L is UP RA VPN clients should be able to access resources in 877RT LAN.

You may also need same security trafic permit intra interface command in asa.

PLS correct me if im thinking of your topology wrong.

Regards

Jorge Rodriguez
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: