cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
336
Views
0
Helpful
3
Replies

website redirection over l2l VPN

networker99
Level 1
Level 1

We have a remote office connected to our head office via a site-to-site VPN (ASA-2-ASA).  At the head office we have an internal intranet that has various links to external websites.  There is one link that is http://main1.domain.com and when you click on it, it redirects straight away to http://main2.domain.com.  At head office there is no problem, but if you do this from the remote VPN site the redirect fails.

Any ideas?

3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

What does both sites ip address resolve to? You would need to make sure that the ip address or ip subnet is in the crypto ACL.

Yes, both sides resolve the name, and the crypto ACL is the site -> anywhere (tunnel)

Please share the ip address that both sites are resolving to, both from HQ and remote site. I assume both sites would resolve to the same ip address whether it is from HQ or remote.

If the second link is an external website, how is the internet connectivity for the remote sites? Through proxy server? or directly out to the internet at HQ (ASA outside interface)?

If it's through the ASA outside interface, then you would need the following:

same-security-traffic permit intra-interface

Then you would also need to configure NAT for the remote LAN on the outside interface:

nat (outside) 1

The above sequence of 1 is assuming that you have "global (outside) 1 interface" command. Otherwise, pls configure it accordingly.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: