routing between 2 site-to-site VPNs with SA520

Unanswered Question
Feb 13th, 2012
User Badges:

Hi there,

I would be glad if someone could help me with a SA520.

My SA520 connects to two site-to-site vpns. image there are three nets, right, middle and left. the sa520 is in the middle an can ping to left and right. left and right can ping to middle, but not to each other (I need to go from right to left and "hop over" the sa520h. unfortunately this is not working (with my "standard" assistant based setup).

Any ideas how to accomplish this?

Thanks for any help.

best regards


Sent from Cisco Technical Support iPad App

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Eckhard Eilers Wed, 02/15/2012 - 01:49
User Badges:

Hi there,

solved it by help from a partner (cisco's smb support said this would not be possible).

You have to create different VPN Policies for every subnet ip range that shall be routed to the attached vpns




vpn policies:

for right (based on ike policy "right") :

a) local remote.

b) local remote

for left (based on ike policy "left")

a) local remote

b) local remote

I think, if connecting more vpns, you have to multiply this.

hope this will help someone in the same situation

best regards



This Discussion