Hi, I have remote VPN set up on my ASA5505 and users can log in using the Cisco VPN client and they can access stuff on the local network and so on, but I also need the clients to reach each other over the VPN tunnel and I need some help with this part.
This is called U-turning / hairpinning, where you will perform these steps:

1. Allow the remote subnets (behind the L2L VPN peer) in split tunnel.
2. Allow "same-security-traffic permit intra-interface".
3. Allow the VPN pool subnet in the crypto access-list on the local and remote peer.
4. NAT exempt for VPN traffic (outside to outside).
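
An added configuration sketch (not part of the original post) of steps 1, 2 and 4 for the client-to-client case in the question, assuming ASA software 8.3 or later. The pool 192.168.50.0/24, the LAN 192.168.1.0/24 and the names VPN-POOL, SPLIT-TUNNEL and RA-POLICY are constructed placeholders; step 3 is left out because it applies only when a site-to-site peer is involved and the page gives no peer details.

```cisco
! Constructed example values, replace with your own:
!   VPN client pool : 192.168.50.0/24
!   Inside LAN      : 192.168.1.0/24
!   Object/ACL/policy names are hypothetical.

! Step 2: let traffic enter and leave the same interface (outside),
! which is what client-to-client traffic does on the ASA.
same-security-traffic permit intra-interface

! Object describing the VPN client address pool.
object network VPN-POOL
 subnet 192.168.50.0 255.255.255.0

! Step 1: the split-tunnel list must include the pool itself,
! otherwise clients never send peer-bound traffic into the tunnel.
access-list SPLIT-TUNNEL standard permit 192.168.1.0 255.255.255.0
access-list SPLIT-TUNNEL standard permit 192.168.50.0 255.255.255.0

group-policy RA-POLICY attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT-TUNNEL

! Step 4: identity NAT (NAT exemption) for pool-to-pool traffic
! hairpinning on the outside interface.
nat (outside,outside) source static VPN-POOL VPN-POOL destination static VPN-POOL VPN-POOL

! Checks after applying:
!   show running-config same-security-traffic
!   show nat detail
```

On software older than 8.3 the NAT exemption in step 4 uses the `nat (outside) 0 access-list ...` form instead of the twice-NAT line shown here. Connected clients must reconnect to pick up the updated split-tunnel list.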