Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
281
Views
0
Helpful
1
Replies

remote vpn and site to site vpn question

kope
Level 1
Level 1

‎03-17-2009 03:31 PM

i am running into a situation that the ASA 5510 has remote vpn setup and working properly. This ASA also has a vpn site-to-site vpn tunnel setup and is also working properly. But they want users at the site-to-site vpn tunnel be able to using remote vpn and vpn back into the same ASA to get to the local networks. (odd situation, i supposed).

Technically, it seems doable, but i like to have your expert comment here, if possible.

When user is at the site-to-site tunnel, they can ping the remote-access peer(the remote-access peer ip is the same as the site-to-site tunnel ip), but when they vpn in, they are getting "Group=xx, ip=x.x.x.x, Removing peer from peer table failed, no match" message.

thanks,

Labels:
0 Helpful
1 Reply 1

andrew.prince
Level 10
Level 10

‎03-18-2009 02:28 AM

Re-config your no-nat & site-site acl to allow the remote VPN subnet. Also allow the same security traffic feature.

HTH>

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents