I'm running VPN between two sites using 2 ASA 5505.
Also I want that RA-VPN which is hosted in both ASA.
My need is to remove one of the RA-VPN access and keep only one, but need to be able to reach the second site.
I did a split-tunnel with both LANs. But I still not able to get the route in my computer when I connect to the RA-VPN.
Is it possible? And how?
A few things that needs to be configured for remote access vpn to access the remote site-to-site vpn LAN:
1) On the site-to-site tunnel crypto ACL, it needs to include the remote vpn client ip pool subnet as follows:
On the ASA that terminates the vpn client: permit ip
On the remote ASA that terminates the site-to-site tunnel: permit ip
2) On the ASA that terminates the vpn client: same-security-traffic permit intra interface
3) On the remote ASA that terminates the site-to-site tunnel: NAT exemption ACL needs to include traffic from remote LAN towards the IP Pool subnet.
Plus the split tunnel ACL that includes both subnets which I believe you already configured.
Hope that helps.