Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Access site-site vpn via remote vpn

Hi guys,

I'm using asa 5510 with a few branches connected via site-site vpn.

When remote vpn into HQ network, i can't access to my branches network.

How can i configure in order for me to access them via remote vpn?

Please advice. Thanks

3 REPLIES

Re: Access site-site vpn via remote vpn

New Member

Re: Access site-site vpn via remote vpn

Thanks for the reply.

from my asa to remote site is connected via 877 router.

For example, my VPN client ip address is 192.168.1.0/24

HQ 192.168.2.0/24

Branch 192.168.3.0/24

After reading thru the forum solution,

the way out is like adding another network to my 877 router to allow access from vpn client pool network and also include tunneling of 192.168.3.0 on my asa.

But these doesn't seems to work and i tried rebooting my 877.

Is there any impt step that i miss out?

Please alighten. Thanks

Re: Access site-site vpn via remote vpn

Ok you have

ASA->L2L<-877RT

VPN RA terminates in ASA right? if so

you add in nonat rule at 877RT for the L2L the ASA RA vpn pool network as interesting traffic to be part of the L2L policy.

When RA vpn clients connect to ASA as long the L2L is UP RA VPN clients should be able to access resources in 877RT LAN.

You may also need same security trafic permit intra interface command in asa.

PLS correct me if im thinking of your topology wrong.

Regards

115
Views
0
Helpful
3
Replies