Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Lan-to-LAN VPN tunnel is not coming

I'm trying to create a LAN-to-LAN VPN tunnel between our Headquarters and a branch office. We have a same IP network for both the Head quaters and the branch office. The tunnel is not coming and it's showing There are no isakmp sas. What am I missing out? Do I have to use different IP networks at the Branch office to the IP Network at the Headquarters.

8 REPLIES
Cisco Employee

Re: Lan-to-LAN VPN tunnel is not coming

You can use the same ip network but it complicates things, you would need to apply double NAT (i.e. translate both source and destination addresses).

Personally I would recommend to use different IP ranges if at all possible, it will make life so much easier.

New Member

Re: Lan-to-LAN VPN tunnel is not coming

If I have to use different IP Network for the branch offices, will this option make it possible for our servers, e.g DNS servers to talk to the DNS servers at our head quarters?

New Member

Re: Lan-to-LAN VPN tunnel is not coming

please see the link this is tell you how to confiugre the vpn with overlaping IP addresss

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800949f1.shtml

New Member

Re: Lan-to-LAN VPN tunnel is not coming

Thanks for the reply.

Would you have something similar to configuring vpn with overlaping IP address between ASA5510 v7.0 and PIX 515E ver 6.4

New Member

Re: Lan-to-LAN VPN tunnel is not coming

Hi

pls help me as now I'm really confused how I should apply double NAT. I have a diagram attached here for my kind of setup.

I do appreciate your help.

New Member

Re: Lan-to-LAN VPN tunnel is not coming

Hi

pls help me as now I'm really confused how I should apply double NAT. I have a diagram attached here for my kind of setup.

I do appreciate your help.

New Member

Re: Lan-to-LAN VPN tunnel is not coming

pls help me with my query. I have the diagram attached.

Re: Lan-to-LAN VPN tunnel is not coming

Hi,

1. As your Firewall/ASA outside interface showing pvt. IP (from diagram) are you using NAT on the rtr connecting outside of the ASA..?

2. You are using Pvt. IP scheme, but Iam not what exactly you mean by same IP address space on bth ends.

3. If you clearly explain exact scenarios and post the clean configs of ASA, someone will definitely be able to help you.

hth

MS

125
Views
0
Helpful
8
Replies