2 different LANS to access VPN tunnel

Unanswered Question
Jun 3rd, 2010

Hi

I'm having a L2L VPN connection through internet between LAN A and B. LAN C is connected to LAN B through a router.

How can I make LAN C access LAN A through the same VPN tunnel?

I've attached a design pdf file. Please help me on that.

Attachment: 
I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Thu, 06/03/2010 - 02:29

Yes, you can. You would need to add the LAN C in the crypto ACL on the VPN tunnel between A and B.

On A:

- On the same crypto ACL for LAN A to LAN B, add another line that says from LAN A to LAN C.

On B:

- On the same crypto ACL for LAN B to LAN A, add another line that says from LAN C to LAN A

If you have NAT exemption configured, you would also need to configure the additional ACL to deny NAT between LAN A to LAN C and vice versa on the other side.

Lastly, LAN C and the router between LAN B and LAN C need to route the LAN A subnet towards ASA.

Hope that helps.

Actions

This Discussion