Hi,
I am new to this forum and would like to seek good suggestions and advice. I have currently set up 3 site-to-site L2L VPN tunnels and enabled AnyConnect SSL-VPN. My setup goes like this:
Remote Site 1 ===> MyASA
MyASA Parameters:
MPLS interface IP: 10.10.10.2 (Connected through MPLS) (peer IP)
Inside interface IP: 172.16.0.1
Remote Site 1 Parameters:
Outside interface IP: 10.10.10.1 (peer IP)
Inside interface IP: 192.168.2.1
Remote Site 2 ===> MyASA
MyASA Parameters:
Outside interface IP: x.x.x.82/29 (Connected to ISP Public) peer IP
Inside interface IP: 172.16.0.1
Server1: 172.16.0.31 to x.x.x.84 (Static NAT)
Server2: 172.16.0.32 to x.x.x.85 (Static NAT)
Server3: 172.16.0.32 to x.x.x.86 (Static NAT)
Accepting only one public IP from the Remote Site 2: x.x.2.176 through the tunnel
Remote Site 2 Parameters:
Outside interface IP: x.x.3.12 (peer IP)
Remote Site 3 ===> MyASA
MyASA Parameters:
Outside interface IP: x.x.x.82/29 (Connected to ISP Public) peer IP
Inside interface IP: 172.16.0.1
All local networks going into the tunnel are D-NAT to x.x.x.83
AnyConnect Pool: 192.168.244.0/24
Remote Site 3 Parameters:
Outside interface IP: x.x.4.23 (peer IP)
Only accepting request from x.x.x.83 through the tunnel.
Now my problem is I am having a hard time allowing my AnyConnect clients and remote clients from Remote Site 1 to initiate the tunnel to Remote Site 3. Local networks have no problem initiating the tunnel.
Your humble suggestion is greatly appreciated.