I have a small problem I need to get users access from site a to site b. However Site A connects to the central office through a site-to-site vpn and site b is also connected to the central office through a site-to-site vpn tunnel. The central office can ping both site a and b and site a and b can ping the central office however. Site a cannot ping site b. I would like for users from site a to see the shared drive on the server at site b, however the central office router isn't passing the traffic, I think. Is there a command or a set of commands that I need to enter on the central office to allow for the traffic to be passed? Or do I simply need to setup a vpn tunnel from site a to b? If so where can I find a good how to?
PS central office is a Cisco 1841 and site a and b are both Cisco 851w's
That link was very helpful however I was looking over the configurations and noticed the only difference was they had an ip route for each subnet and I have a single ip route of 0.0.0.0 0.0.0.0 S0/0/0. Would that affect pinging from site a to site b? Thanks for your help
I will be very thankful if you clear my doubt . Here is my query .
In the Hub router configuration. the routes are like that.
ip route 172.16.1.0 255.255.255.0 Ethernet0
ip route 192.168.1.0 255.255.255.0 Ethernet0
ip route 22.214.171.124 255.255.0.0 Ethernet0
Three different subnet's will exit via ethernet0. but Two sperate tunnel is connected with the 'ethernet0'interface for two different spokes . In that case how the hub router will make the routing decision when spaoke 'A' want to communicates with spoke 'B'.0 .
My thinking is instead of specifying the 'interface' in the routing command why can't we specify the remote end gateway IP adderss for the respective subnets ?
Configuration of Acl and route can tell you how the hub router will make the routing decision when spoke 'A' want to communicates with spoke 'B'.
When Spoke 1(172.16.1.0/24) want to pass traffic to Spoke 2(192.168.1.0/24),Spoke 1 will setup ipsec tunnel with Hub.When Hub receives the traffic from Spoke 1 that want to visit Spoke 2,according to the configuration of HUB
crypto map mymap 20 ipsec-isakmp
set peer 200.x.x.1
set transform-set myset
match address 120
access-list 120 permit ip 172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...