Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Remote VPN to LAN to LAN VPN issues

The issue I am having is that I have an ASA that provides Lan to Lan VPN and remote access VPN.  The Lan to Lan VPN connects to another network where a remote server is located, and the remote vpn connects remote users to the local network.  Both vpns currently work, however remote users connecting via the remote access vpn can not connect to the server on the other side of the lan to lan vpn.  Below is our setup.


server  --- ASA ---- LAN to LAN VPN ------ ASA---- Local LAN

                                                                      |

                                                                      |

                                                    Remote Access VPN

                                                                      |

                                                                      |

                                                          Remote Users


In this setup the remote users can access the local LAN, the server can access the local LAN, and the local LAN can access both the server and the remote users.  However the server can not access the remote users and the remote users can not access the server.  Any ideas on how to get this to work would be deeply appreciated.  I have created the NAT rules I believe were neccessary and added the needed address so that the remote vpn user' client application lists the network on the otherside of the LAN to LAN vpn as routable network.  Also, I believe all access rules are correct as packet tracers on both sides are successful.  However when you try to ping accross from the remote client to the server at the other end of the L2L it fails as does other attempts to access the server like rdp.  Does anybody have a step to step on how to setup this type of configuration remote vpn and l2l configured on same asa while allowing both vpns to talk to each other.  By the way both ASA are 5505 the one with two vpns in this setup is 8.2 and the one on the other end of the l2l is 7.2.  Any help would be appreciated, especially a tuturail or list of commands needed to set this up, as I believe I am probably just missing some small additional configuration I just can't figure it out.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Remote VPN to LAN to LAN VPN issues

Use your favourite search engine for "same-security-traffic permit intra-interface"

Sent from Cisco Technical Support iPad App

3 REPLIES

Re: Remote VPN to LAN to LAN VPN issues

Use your favourite search engine for "same-security-traffic permit intra-interface"

Sent from Cisco Technical Support iPad App

New Member

Re: Remote VPN to LAN to LAN VPN issues

Thank you so much that was exactly what it was, I knew I was missing some small step that was causing this issue, but in trying to resolve it I did end up perfecting my settings for routes and NAT.  Thank you Andrew Prince!!!

Re: Remote VPN to LAN to LAN VPN issues

ha ha ha that is perfect then, glad to help.

Sent from Cisco Technical Support iPad App

654
Views
0
Helpful
3
Replies