Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN - Site to Site - Help

Hi,

MY IPSEC site to site with Hub and Spoke is working great, but needs spoke to communicate with other spoke....

I have Hub and two spoke connection for my site to site VPN.

Hub private range is 192.168.1.0/24

spoke 1 private range is 192.168.2.0/24

Spoke2 private range is 192.168.3.0/24

what is requried for spoke1 to communicate with spoke2.......

Is there a cisco-sample config link for similar scenario....

6 REPLIES
Hall of Fame Super Blue

Re: VPN - Site to Site - Help

Hi

Which device are you using for IPSEC at hub site and which version of software ie.

router ?

ASA

Pix - if pix which version of software.

In general answer to your question if you want go from spoke1 to spoke2 via hub you need to update crypto access-lists on the spokes and the hub to include all the networks.

But if pix or ASA device you may need additional config.

Jon

New Member

Re: VPN - Site to Site - Help

Hi,

at Hub its a 3840 Router...

Spoke 1 its ASA

Spoke 2 its 2800 Router....

with this scenario... what is required at HUB and the spokes.....

Hall of Fame Super Blue

Re: VPN - Site to Site - Help

Okay, with a router as the hub device you should be able to do this.

Have a look at this link

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080093dc8.shtml

Don't worry about it being router to router, the principle is the same.

HTH

Jon

New Member

Re: VPN - Site to Site - Help

Thanks....

This was exactly I needed...

at one of the SPOKE we have Remote-Access enabled as well...

REmote-Access users can access Spoke Network but cannot access HUB Network?? Can you advice what config is required to make it accessible....

Cheers

New Member

Re: VPN - Site to Site - Help

Guys,

So far these are great. Thanks. Right now at the X location i would most likley have a 2800 series router with a PIX 515E at location X. The co-location would give me whatever equipment i would need. As of right now i have my users VPN into the network via a 3005 concentrator.

New Member

Re: VPN - Site to Site - Help

at one of the SPOKE we have Remote-Access enabled as well...

REmote-Access users can access Spoke Network but cannot access HUB Network?? Can you advice what config is required to make it accessible....

Cheers

109
Views
0
Helpful
6
Replies