Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Site-to-site VPN with 3 sites

I have 3 sites. On each site there is a ASA5505 resp. 5510.

I have a working ipsec tunnel between site A and B, and between B and C. What I am looking for is a way to pass traffic between A and C without creating an own tunnel between A and C. So somehow a way that the ASA on site B routes the traffic from tunnel site A to the tunnel site C.

Is that possible?

Any hints are very welcome.

Alex

1 REPLY
Green

Re: Site-to-site VPN with 3 sites

Yes, this is possible.

Here is a doc describing how to do it with remote access vpn to site to site. You can do it the same way with site to site instead of remote access.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008046f307.shtml

Basically you just need to add the interesting traffic to the tunnels, add the extra nat exemption to the tunnels, and apply same-security-traffic permit intra-interface to site B.

Post up some configs if you need help.

103
Views
0
Helpful
1
Replies
CreatePlease login to create content