Multiple IPSec VPN routing


I have multiple site-to-site VPNs and I am trying to make communication between all the VPN LANs, meaning one VPN LAN network can communicate with my other VPN LAN network. Both are connected to my Cisco ASA 5510.

I have enabled intra-interface security and inter-interface security as well, but no luck.

Is there anything extra that I have to do? Please help me out if anyone has an answer.

Kindly check the attached diagram for the same.

Thanks a lot for help in advance.


Re: Multiple IPSec VPN routing

Besides the same security commands, you need to make sure your traffic definition is correctly defined on the crypto ACLs for each firewall. As an example, see below:

Central - Network A

Remote 1 - Network B

Remote 2 - Network C

Remote 3 - Network D

If what you need to do is to allow communication from all remotes using the Central as the hub, you need to do the following:

Tunnel from Central to Remote 1

A to B

Tunnel from Remote 1 to Central

B to A

Tunnel from Central to Remote 2

A to C

Tunnel from Remote 2 to Central

C to A

If you then need Remote 1 to Remote 2 via the central one, the config would be:


A to B

C to B

Remote 1

B to A

B to C

Remote 2

C to A

C to B

And so on...

Let me know if this makes sense. Of course, the NAT exempt ACL should mimic this behavior.
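
The pattern in the reply above, worked through as an added example that is not part of the original thread: it derives the crypto ACL entries for each end of every tunnel in a hub-and-spoke layout, checks that the two ends are exact mirrors of each other, and renders ASA `access-list` lines. The subnets and the ACL name are constructed placeholders; the thread only names the networks A, B and C.

```python
from ipaddress import ip_network

# Constructed sample subnets (assumption): the thread gives no addressing.
NETS = {
    "A": ip_network("10.0.1.0/24"),   # Central LAN
    "B": ip_network("10.0.2.0/24"),   # Remote 1 LAN
    "C": ip_network("10.0.3.0/24"),   # Remote 2 LAN
}
HUB = "A"
SPOKES = {"Remote 1": "B", "Remote 2": "C"}

def crypto_acls(hub, spokes):
    """Return {(device, peer): [(src, dst), ...]} for spoke-to-spoke via the hub."""
    acls = {}
    for name, net in spokes.items():
        others = [n for n in spokes.values() if n != net]
        # Spoke end: local LAN to the hub LAN and to every other spoke LAN.
        acls[(name, "Central")] = [(net, hub)] + [(net, o) for o in others]
        # Hub end: hub LAN and every other spoke LAN to this spoke's LAN.
        acls[("Central", name)] = [(hub, net)] + [(o, net) for o in others]
    return acls

def mirror_mismatches(acls):
    """Return the tunnel ends whose crypto ACL is not the mirror of the peer's."""
    bad = []
    for (dev, peer), entries in acls.items():
        mirrored = {(dst, src) for src, dst in acls.get((peer, dev), [])}
        if set(entries) != mirrored:
            bad.append((dev, peer))
    return bad

def asa_lines(acl_name, entries, nets):
    """Render (src, dst) pairs as ASA extended ACL lines (netmask form)."""
    return [
        f"access-list {acl_name} extended permit ip "
        f"{nets[s].network_address} {nets[s].netmask} "
        f"{nets[d].network_address} {nets[d].netmask}"
        for s, d in entries
    ]

if __name__ == "__main__":
    acls = crypto_acls(HUB, SPOKES)
    for (dev, peer), entries in acls.items():
        print(f"! {dev}, tunnel to {peer}")
        # ACL name is a hypothetical placeholder.
        print("\n".join(asa_lines("CRYPTO_ACL", entries, NETS)))
    print("mismatched tunnel ends:", mirror_mismatches(acls))
```

The same source and destination pairs are the ones the NAT exempt ACL on each device needs to cover.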