Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

route across vpn tunnel

hi friends,

i am having one scenario,but i dont know how to fix it.

i configured vpn tunnel from my headoffice to spain , the tunnel is up and working properly.

second i configured tunnel between my headoffice to one of my remote office,that tunnel is up.

i can access from remote office to main office and from main office to spain.

but i cannt access from remote office to spain.

my thinking is the main office is having both tunnels so it will route the traffic from remote office to spain but not happening,

can u plz provide me example how to route the traffic from remote to spain across vpn tunnel.

1 REPLY
Cisco Employee

Re: route across vpn tunnel

Suppose you have the following networks:

site1: 10.1.1.0/24

site2: 10.2.2.0/24

main : 10.0.0.0/24

then on the site1 router (or firewall) your crypto acl will look like this:

permit ip 10.1.1.0 0.0.0.255 10.0.0.0 0.0.0.255

permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255

on the site2 router:

permit ip 10.2.2.0 0.0.0.255 10.0.0.0 0.0.0.255

permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255

On the main router, use the mirror of the above acl's.

If you need more help, please post your current config for the 3 routers (assuming you are using IOS routers, if using Pix/Asa the concept is the same but you'll typically also need to adapt NAT exemption).

hth

Herbert

99
Views
0
Helpful
1
Replies
CreatePlease login to create content