VPN Tunnel on ASA with multiple VLANs

Unanswered Question
Apr 2nd, 2010

I'm having an issue terminating an L2L VPN, and I think it's due to the fact that I have multiple VLANs on my ASA. We have a 3750 that has the ISP WAN interface and the ASA External and Internal NICs attached. We also have our Internal VLANs on the 3750. The clients' default gateway is their VLAN IP on the ASA. Internet works fine. There is also PAT for the VLANs on outbound traffic. For instance, VLAN12 is PAT'ed to 210.99.22.44, etc.

The issue is, how can I create an L2L VPN since my 'Internal' NIC is no longer on my ASA? I tried nat (vlan12) 0 access-list TEST_VPN, but my tunnel does not come up.

Jennifer Halim Fri, 04/02/2010 - 15:07

Did you also add the additional VLAN in the crypto ACL on both sites?

Federico Coto F... Fri, 04/02/2010 - 15:51

Hi,

The fact of having multiple VLANs on the ASA is no problem.
Did you add the VLAN into the interesting traffic as halijenn says?

When you try to establish the tunnel, do you see it trying to come up?
Do you see phase 1 getting established, then traffic being encrypted?

Let us know at which point the tunnel fails or what you see, so we can try to help you out.

Federico.

Posted April 2, 2010 at 11:42 AM