Traffic from one VPN to VPN

carlosv
Level 1

Hi!

I have the following scenario:

USER1 ----- Site2Site IPSec VPN--------|ASA with DMZ| ---------------Site2Site IPSec VPN-------- USER2

USER1 LAN: 192.168.10.0 /24

USER2 LAN: 172.16.1.0 /24

ASA DMZ network: 10.10.10.0 /24

Both users can access the servers in the DMZ from their LANs.

Now I want both users to see each other's LANs in addition to the DMZ. How should I modify the access-lists for this to work?

Thanks in advance

Carlos

1 Reply

carlosv
Level 1

Forgot to mention... both users still need access to the DMZ on the ASA. It seems so simple to just add a line on the access-lists for the encryption domains on each USER LAN to the other. But how should the access-lists on the ASA look for this to work?

Unfortunately, a direct tunnel from USER1 to USER2 is not an option.

This looks like a CCIE Sec question. heh.

Thanks in advance.