Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

L2L vpn - unable to access one subnet -Urgent

hi,

I have configured L2L vpn between site A and B.In site A i have 3 subnets..

10.138.78.0/24,10.138.79.0/24,10.138.80.0/24.In site B also i have 3 subnets 172.16.0.0/24,162.29.0.0/24,162.30.0.0/24

Now the problem is from site A i am able to access 172.29.0.0 and 172.30.0.0 network but i am unable to access 172.16.0.0 network.

pls find the acl config..

SITE A:

object-group network HQO

network-object 172.16.0.0 255.255.0.0

network-object 172.29.0.0 255.255.0.0

network-object 172.30.0.0 255.255.252.0

object-group network LOCAL

network-object 10.138.78.0 255.255.255.0

network-object 10.138.79.0 255.255.255.0

network-object 10.138.80.0 255.255.255.0

access-list HQO extended permit ip object-group LOCAL object-group HQO

SITE B:

access-list CHI line 1 extended permit ip object-group LOCAL object-group CHI 0xad2ed804

access-list CHI line 1 extended permit ip 172.16.0.0 255.255.0.0 10.138.78.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.16.0.0 255.255.0.0 10.138.79.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.16.0.0 255.255.0.0 10.138.80.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.29.0.0 255.255.0.0 10.138.78.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.29.0.0 255.255.0.0 10.138.79.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.29.0.0 255.255.0.0 10.138.80.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.30.0.0 255.255.252.0 10.138.78.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.30.0.0 255.255.252.0 10.138.79.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.30.0.0 255.255.252.0 10.138.80.0 255.255.255.0

pls guide me to resolve this issue..

thanks,

james

1 REPLY

Re: L2L vpn - unable to access one subnet -Urgent

Hi James

Please attach your full sanitized configs

Regards

98
Views
0
Helpful
1
Replies