Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

IPVPN Connection Between 2 ASAs


I have the setup below, where IPVPN_A is an existing network and IPVPN_B will be a new network. Looking at exising configuration for IPVPN_A, there's no NAT configured on ABC and XYZ firewalls, just routing. For example, from ABC I route to XYZ via

When IPVPN_B is added in, routes between ABC and XYZ has been set to go via IPVPN_B as primary and via IPVPN_A as backup. Still the same, no NAT was configured on both side, but I can't reach XYZ from ABC. When I configured Static NAT at ABC, I can reach XYZ WAN IP ( only, not the LAN IP. When performed traceroute from ABC to (WAN) and (LAN), can see the first 3 hops are the same, but at hop 4 it is going to different hops. Hence, can I conclude that for IPVPN_B, ABC and XYZ LAN IPs are not within their routing table?

Not sure what/how is the IPVPN_A and IPVPN_B configuration, but if normal Service Providers won't be advertising client's LAN, right? But when I traceroute from ABC to XYZ using IPVPN_A, I can see within their internal network is a Public IP.

So, I'd like to know what are the options I have to have a valid connectivity between ABC and XYZ via IPVPN_B.
1) Any method of doing NAT on both ABC and XYZ?
2) Or create site-to-site VPN between ABC and XYZ will be easier?

Everyone's tags (1)
CreatePlease to create content