IPSec VPN between two LANs

samirshaikh52
Level 2

Hello,

I have got a Cisco ASA 5540 at Headquarters and a Cisco 857 ADSL router at the Branch Office with internet up. I have created a site-to-site VPN between the ASA and the branch router and it's working fine.

Please see the attached snap (scenario 1) for reference.

Presently I have assigned public IPs to the remote LAN PCs (Branch Office). Now I am planning to give them a private range (let's say 192.168.4.0/24).

It will be just like a LAN-to-LAN VPN.

What do I have to add to my configuration on the ASA and router to make this possible? I am not very good at VPN connectivity, so I need expert help and advice.

If something is not clear, please let me know.

Thanks in advance.

18 Replies

Hi Jennifer,

Sorry for the delay in responding. I did as you said, but I still cannot ping the branch PC (192.168.5.2) from my PC (10.1.2.45).

Modified Router config (fyi)

interface Vlan1
 ip address 192.168.5.1 255.255.255.0
 ip nat inside
!
interface Dialer1
 ip address negotiated
 ip mtu 1492
 ip nat outside
!
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 192.168.5.0 0.0.0.255 10.1.2.0 0.0.0.255
access-list 101 remark SDM_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny   ip 192.168.5.0 0.0.0.255 10.1.2.0 0.0.0.255
access-list 101 permit ip 192.168.5.0 0.0.0.255 any
route-map SDM_RMAP_1 permit 1
 match ip address 101

Can you please advise?

A few things to check:

1) Is the VPN tunnel up? Can you please share the output of "show cry isa sa" and "show cry ipsec sa"?

2) Can you check if the branch PC has any personal firewall that normally could block incoming connections.

Hi Jennifer,

Yes, the VPN tunnel is up.

I have checked the personal firewall on the PCs but nothing happened.

Can you please share the output of the following after you try to access it:

show cry isa sa

show cry ipsec sa

BTW, can you ping 192.168.5.1?