New Member

Traffic from one VPN to VPN

Hi!

I have the following scenario:

USER1 ----- Site2Site IPSec VPN--------|ASA with DMZ| ---------------Site2Site IPSec VPN-------- USER2

USER1 LAN: 192.168.10.0 /24

USER2 LAN: 172.16.1.0 /24

ASA DMZ network: 10.10.10.0 /24

Both users can access the servers in the DMZ from their LANs.

Now I want both users to see each other's LANs in addition to the DMZ. How should I modify the access-lists for this to work?

Thanks in advance

Carlos

1 REPLY
New Member

Re: Traffic from one VPN to VPN

Forgot to mention... both users still need access to the DMZ on the ASA. It seems so simple to just add a line on the access-lists for the encryption domains on each USER LAN to the other. But how should the access-lists on the ASA look for this to work?

Unfortunately, a direct tunnel from USER1 to USER2 is not an option.

This looks like a CCIE Sec question. heh.

Thanks in advance.
