06-03-2010 12:15 AM
Hi
I have an L2L VPN connection through the Internet between LAN A and LAN B. LAN C is connected to LAN B through a router.
How can I make LAN C access LAN A through the same VPN tunnel?
I've attached a design PDF file. Please help me with that.
06-03-2010 02:29 AM
Yes, you can. You would need to add LAN C to the crypto ACL on the VPN tunnel between A and B.
On A:
- On the same crypto ACL for LAN A to LAN B, add another line that says from LAN A to LAN C.
On B:
- On the same crypto ACL for LAN B to LAN A, add another line that says from LAN C to LAN A.
If you have NAT exemption configured, you would also need to configure the additional ACL to deny NAT between LAN A and LAN C, and vice versa on the other side.
Lastly, LAN C and the router between LAN B and LAN C need to route the LAN A subnet towards the ASA.
Hope that helps.
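The steps in the answer above, written out as configuration. This is an added example, not part of the original post. It assumes ASAs at both sites running pre-8.3 NAT syntax, and every subnet, address, ACL name and interface name in it is a constructed placeholder (LAN A 10.1.1.0/24, LAN B 10.2.2.0/24, LAN C 10.3.3.0/24, ASA B inside address 10.2.2.1, router address on LAN B 10.2.2.254).

```cisco
! ----- ASA at site A -----
! Existing crypto ACL entry: LAN A -> LAN B
access-list CRYPTO-A-B extended permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
! Added entry: LAN A -> LAN C, in the same crypto ACL
access-list CRYPTO-A-B extended permit ip 10.1.1.0 255.255.255.0 10.3.3.0 255.255.255.0
! NAT exemption for the new pair (only if NAT exemption is already in use)
access-list NONAT extended permit ip 10.1.1.0 255.255.255.0 10.3.3.0 255.255.255.0
nat (inside) 0 access-list NONAT

! ----- ASA at site B -----
! Existing crypto ACL entry: LAN B -> LAN A
access-list CRYPTO-B-A extended permit ip 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0
! Added entry: LAN C -> LAN A, the exact mirror of the line added on A
access-list CRYPTO-B-A extended permit ip 10.3.3.0 255.255.255.0 10.1.1.0 255.255.255.0
! NAT exemption for the new pair
access-list NONAT extended permit ip 10.3.3.0 255.255.255.0 10.1.1.0 255.255.255.0
nat (inside) 0 access-list NONAT
! Assumption: ASA B reaches LAN C through the router on LAN B
! (this route is normally present already if LAN C uses the ASA today)
route inside 10.3.3.0 255.255.255.0 10.2.2.254

! ----- Router between LAN B and LAN C (IOS syntax assumed) -----
! Send traffic for LAN A to ASA B so it enters the tunnel
ip route 10.1.1.0 255.255.255.0 10.2.2.1
```

Once traffic flows between LAN A and LAN C, `show crypto ipsec sa` on either ASA should list a separate security association for that subnet pair alongside the existing LAN A/LAN B one. If the two crypto ACLs are not exact mirrors of each other, that second association will fail to negotiate.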
06-04-2010 05:39 AM
Thanks, it works.
06-04-2010 06:12 AM
Great to hear. Please rate useful posts and mark the question as answered. Thanks.