Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

No internet access thru site to site VPN tunnel on ASA

We have a complicated set up of 4 ASA5505's that all have site to site tunnels to a 5th ASA5505 which is connected to our LAN. All the L2L tunnels are up and can access network resources, but none of them can access the internet. I want internet traffic to pass thru the vpn tunnel and return thru the tunnel. Can someone point me to an example of this setup?

1 REPLY
Green

Re: No internet access thru site to site VPN tunnel on ASA

Sure, on the main site ASA, you can set something up like this....

same-security-traffic permit intra-interface

global (outside) 1 interface

nat (outside) 1

nat (outside) 1

etc...

You will also need to confirm that all traffic from the remote sites is traversing the tunnel. Something like....

Remote ASA

access-list crypto1 extended permit ip any

access-list inside_nat0_outbound extended permit ip any

Main ASA

access-list crypto1 extended permit ip any

182
Views
0
Helpful
1
Replies
CreatePlease to create content