Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Layer2 site2site(asa)

Dear,

for a customer setup we are trying to configure a site to site vpn with a asa5505 and a asa5520.

Both side's need to be in the same subnet so it with be a Layer2 VPN(bridge).

I've looked around but can't seem to find anything about it. Does anybody have experience with this or an example?

I have here 2 asa5505 firewall on my desk to test the vpn connection.

PS: i now it's beter to route the traffic instead of bridge the traffic but it's only as a backup line so no production will be goiing over the line.             

2 ACCEPTED SOLUTIONS

Accepted Solutions
VIP Purple

Layer2 site2site(asa)

If you really need L2, then you have to deploy two routers (one on each site) and configure an IPSec/GRE-Tunnel between them. There you can bridge your traffic.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
Super Bronze

Layer2 site2site(asa)

It is not possible

ASA does not support L2TP client configuration, so you can't have L2TP between 2 ASAs.

4 REPLIES
Super Bronze

Layer2 site2site(asa)

This is not a supported configuration on the ASA.

VIP Purple

Layer2 site2site(asa)

If you really need L2, then you have to deploy two routers (one on each site) and configure an IPSec/GRE-Tunnel between them. There you can bridge your traffic.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

Layer2 site2site(asa)

If i read around it says it's possible to make a L2TP tunnel. but can't find it site-to-site.

So it's not possible with the asa but with a regular router it would be possible?

Ps : it's not supported or it's not possible ;-). because it would only be as a backup line(max. 4h SLA)

          There will be a Layer-2 tunnel provided by the provider, but they wan't a backup over internet when the line is down.

Super Bronze

Layer2 site2site(asa)

It is not possible

ASA does not support L2TP client configuration, so you can't have L2TP between 2 ASAs.

3177
Views
0
Helpful
4
Replies