I'm currently trying to figure out if it is possible to transfer data between two "branch office sites" connected to a "central site" using IPSec tunnels.
Branch A <-- IPSec --> Central <-- IPSec --> Branch B
Is it possible to transfer data between A and B using Central as intermediate hop? The advantage of this setup would be, that only at the Central site access rules need to be configured.
I've tried to set this up in our lab environment... without success. When A wants to transfer data to B, a tunnel to Central is successfully established. But as Central wants to setup the 2nd tunnel to B an error message "peer not found" is displayed. It's the same the other way round.
1) Is this setup possible in general?
2) If so, where can I find a sample configuration?
Often times complex configuration issues are best addressed in an interactive session with one of our trained technical assistance engineers. While other forum users may be able to help, its often difficult to do so for this type of issue.
What are you using at the central site, If it is a Pix, you will not be able to route traffic between the two branch sites since the pix will not redirect traffic, If all of these sites are routers I have seen it work best with GRE over ipsec. If you have a vpn3000 concentrator at the central site it should be very easy to make this work.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :