Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

website redirection over l2l VPN

Unanswered Question
Jun 1st, 2010
User Badges:

We have a remote office connected to our head office via a site-to-site VPN (ASA-2-ASA).  At the head office we have an internal intranet that has various links to external websites.  There is one link that is http://main1.domain.com and when you click on it, it redirects straight away to http://main2.domain.com.  At head office there is no problem, but if you do this from the remote VPN site the redirect fails.

Any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jennifer Halim Tue, 06/01/2010 - 05:25
User Badges:
  • Cisco Employee,

What does both sites ip address resolve to? You would need to make sure that the ip address or ip subnet is in the crypto ACL.

networker99 Tue, 06/01/2010 - 05:27
User Badges:

Yes, both sides resolve the name, and the crypto ACL is the site -> anywhere (tunnel)

Jennifer Halim Tue, 06/01/2010 - 05:46
User Badges:
  • Cisco Employee,

Please share the ip address that both sites are resolving to, both from HQ and remote site. I assume both sites would resolve to the same ip address whether it is from HQ or remote.

If the second link is an external website, how is the internet connectivity for the remote sites? Through proxy server? or directly out to the internet at HQ (ASA outside interface)?

If it's through the ASA outside interface, then you would need the following:

same-security-traffic permit intra-interface

Then you would also need to configure NAT for the remote LAN on the outside interface:

nat (outside) 1

The above sequence of 1 is assuming that you have "global (outside) 1 interface" command. Otherwise, pls configure it accordingly.


This Discussion