I got a Cisco ASA 5510 it manage two VPN tunnels that works just fine, also we configure the Remote Client, that works ok, my question is, how can i achieve to comunicate the client with the the vpn tunnels and the vpn tunnels between them?
i need to tunnel all traffic specified for inside subnet as well the others site to site tunnels subnets, when connecting from the Client and viceversa, since my VPN clients don't access to the internet from the ASA, i already set up things to access internet from the client using the native connection, and tunnel all interest traffic, but i can't access to the other l2l tunnels using it.
I already enable IPSec hairpinning, but keep in mind that this allow traffic between tunnel that have same security level, i don't thing this could work between a remote client ipsec tunnel and a l2l ipsec tunnel, maybe u can give me some further config details on how can i access my l2l tunnels using the remote client and viceversa.
What the command "same-security-traffic permit intra-interface" does is to allow VPN traffic to leave the same physical interface once traffic needs to go over the other vpn tunnel - this is nnot the same as client u-turn.
Additionally the ASA will apply f/w rules including acl, nat, etc before sending traffic out the same interface.
After entering the ipsec hairpinning command treat the client traffic as you would any other inside traffic that may need to pass thru the l2l tunnel.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :