Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

routing between 2 site-to-site VPNs with SA520

Hi there,

I would be glad if someone could help me with a SA520.

My SA520 connects to two site-to-site vpns. image there are three nets, right, middle and left. the sa520 is in the middle an can ping to left and right. left and right can ping to middle, but not to each other (I need to go from right to left and "hop over" the sa520h. unfortunately this is not working (with my "standard" assistant based setup).

Any ideas how to accomplish this?

Thanks for any help.

best regards

ekki

Sent from Cisco Technical Support iPad App

1 REPLY
New Member

routing between 2 site-to-site VPNs with SA520

Hi there,

solved it by help from a partner (cisco's smb support said this would not be possible).

You have to create different VPN Policies for every subnet ip range that shall be routed to the attached vpns

left: 192.168.100.0

middle: 192.168.0.0

right: 10.1.10.0

vpn policies:

for right (based on ike policy "right") :

a) local 192.168.0.0 remote.10.1.10.0

b) local 192.168.100.0 remote 10.1.10.0

for left (based on ike policy "left")

a) local 192.168.0.0 remote 192.168.100.0

b) local 10.1.10.0 remote 192.168.100.0

I think, if connecting more vpns, you have to multiply this.

hope this will help someone in the same situation

best regards

ekki

636
Views
0
Helpful
1
Replies
CreatePlease to create content