Traffic from one VPN to VPN

Unanswered Question
Jan 19th, 2010

Hi!


I have the following scenario:



USER1 ----- Site2Site IPSec VPN--------|ASA with DMZ| ---------------Site2Site IPSec VPN-------- USER2


USER1 LAN: 192.168.10.0 /24

USER2 LAN: 172.16.1.0 /24


ASA DMZ network: 10.10.10.0 /24


Both users can access the servers in the DMZ from their LANs.


Now I want both users to see each other's LANs in addition to the DMZ. How should I modify the access-lists for this to work?


Thanks in advance


Carlos

carlosv Tue, 01/19/2010 - 17:40

Forgot to mention... both users still need access to the DMZ on the ASA. It seems so simple to just add a line on the access-lists for the encryption domains on each USER LAN to the other. But how should the access-lists on the ASA look for this to work?


Unfortunately, a direct tunnel from USER1 to USER2 is not an option.


This looks like a CCIE Sec question. heh.


Thanks in advance.
