Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco ASA - Site to site IPSec tunnels to two different remote sites with overlapping destination subnets


Can anyone help on this?

I need to set up two IPSec tunnel from a cisco ASA to two remote sites.  I'm not sure how the Cisco ASA would route traffic through two IPSec tunnels to two remote sites when one destination subnet (site B) is a supernet of the other destination subnet (eg. site A)

1) The trusted network connecting to the Cisco ASA is (site C)

2) Remote site A subnet is

3) Remote site B subnet is

As shown above is a supernet of

If I configure two crypto maps:

1) Crypto map for site A will include subnet

2) Crypto map for site B will include subnet

Both crypto maps above will also include subnet (site C)

Would the above configuration work in terms of routing?  How does the Cisco ASA know that needs to go to site B rather than site A?