Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

website redirection over l2l VPN

We have a remote office connected to our head office via a site-to-site VPN (ASA-2-ASA).  At the head office we have an internal intranet that has various links to external websites.  There is one link that is http://main1.domain.com and when you click on it, it redirects straight away to http://main2.domain.com.  At head office there is no problem, but if you do this from the remote VPN site the redirect fails.

Any ideas?

3 REPLIES
Cisco Employee

Re: website redirection over l2l VPN

What does both sites ip address resolve to? You would need to make sure that the ip address or ip subnet is in the crypto ACL.

New Member

Re: website redirection over l2l VPN

Yes, both sides resolve the name, and the crypto ACL is the site -> anywhere (tunnel)

Cisco Employee

Re: website redirection over l2l VPN

Please share the ip address that both sites are resolving to, both from HQ and remote site. I assume both sites would resolve to the same ip address whether it is from HQ or remote.

If the second link is an external website, how is the internet connectivity for the remote sites? Through proxy server? or directly out to the internet at HQ (ASA outside interface)?

If it's through the ASA outside interface, then you would need the following:

same-security-traffic permit intra-interface

Then you would also need to configure NAT for the remote LAN on the outside interface:

nat (outside) 1

The above sequence of 1 is assuming that you have "global (outside) 1 interface" command. Otherwise, pls configure it accordingly.

167
Views
0
Helpful
3
Replies
CreatePlease to create content