Cisco Support Community
New Member

VPN client not able to connect to other site

Hi,

We are using site-to-site VPN between three sites/offices using ASA 5510. Now, for outside connections, we have configured remote VPN and it's working fine with the local site where it's connecting/terminated, but it is not able to ping/connect to the other 2 remote sites, which are working fine on L2L VPN.

2 REPLIES
Silver

Re: VPN client not able to connect to other site

You need to add the spoke-to-spoke networks to the ACLs for IPsec and no-NAT traffic matching, on both ends of the L2L tunnels. Also, if you're doing split tunneling, add the networks to that ACL as well.

Then you need this command to allow hairpinning.

same-security-traffic permit intra-interface

See these links for detailed instructions on doing spoke->spoke tunnels.

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_configuration_example09186a008046f307.shtml

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_configuration_example09186a00804675ac.shtml

Thanks,

Chad

Please rate if helpful!
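
The changes described in the reply above, sketched as an added example that is not part of the original post. It assumes pre-8.3 ASA NAT syntax; every address, ACL name, crypto map name and group-policy name is constructed for illustration.

```cisco
! Constructed addressing (assumptions, not from the thread):
!   Remote-access VPN client pool 192.168.100.0/24 (assigned by the hub ASA)
!   Hub LAN 10.1.0.0/16, Site B LAN 10.2.0.0/16, Site C LAN 10.3.0.0/16
! ACL, crypto map and group-policy names below are hypothetical.

! ---------- Hub ASA (terminates the remote-access VPN) ----------
! Allow decrypted client traffic to leave through the same interface
! it arrived on (outside -> outside into the L2L tunnel).
same-security-traffic permit intra-interface

! Crypto ACLs of each L2L tunnel: add client pool -> remote LAN so the
! hub encrypts this traffic toward the spoke.
access-list L2L_TO_SITEB extended permit ip 192.168.100.0 255.255.255.0 10.2.0.0 255.255.0.0
access-list L2L_TO_SITEC extended permit ip 192.168.100.0 255.255.255.0 10.3.0.0 255.255.0.0
crypto map OUTSIDE_MAP 20 match address L2L_TO_SITEB
crypto map OUTSIDE_MAP 30 match address L2L_TO_SITEC

! Only when split tunneling is used: the client sends nothing into the
! tunnel for networks missing from this list. List just the LANs the
! clients actually need.
access-list RA_SPLIT standard permit 10.1.0.0 255.255.0.0
access-list RA_SPLIT standard permit 10.2.0.0 255.255.0.0
access-list RA_SPLIT standard permit 10.3.0.0 255.255.0.0
group-policy RA_POLICY attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value RA_SPLIT

! ---------- Site B ASA (repeat on Site C with 10.3.0.0) ----------
! Mirror-image crypto ACL entry: local LAN -> client pool.
access-list L2L_TO_HUB extended permit ip 10.2.0.0 255.255.0.0 192.168.100.0 255.255.255.0
crypto map OUTSIDE_MAP 10 match address L2L_TO_HUB

! Exempt the same flow from NAT so replies match the crypto ACL.
access-list NONAT extended permit ip 10.2.0.0 255.255.0.0 192.168.100.0 255.255.255.0
nat (inside) 0 access-list NONAT
```

Once a connected client sends traffic to a spoke LAN, `show crypto ipsec sa` on the hub and on the spoke should list an SA whose local and remote identities are the pool and the spoke LAN.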

New Member

Re: VPN client not able to connect to other site

Hi cpembleton,

Thanks for the update.

It solved all our problems.

Thanks Again.
