Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN connection ( Branch office access internet from HQ)

Dear All Expert,

I would like to ask all of you...

I had connection VPN HQ to branch already( i mean it is working) but the branch it cannot access internet so i would like to allow all the branch office access internet from my HQ. but at my HQ i had other one ASA for internet ,so i don't now how to allow or route ....?

Please help me to solve this issue..please kindly see in the attach file.

Hope all of you reply to me soon :)

Best Regards,

3 REPLIES
Hall of Fame Super Silver

Re: VPN connection ( Branch office access internet from HQ)

Hello David,

configuration of ASA connecting to the internet has to be updated so that:

it knows that remote site IP subnet(s) are reachable via 10.2.2.1

this can be a static route using the interface where net 10.2.2.0 is defined.

(inside or DMZ or other name)

AND

it provides NAT services for clients in remote site IP subnet(s).

the ASA has to translate their source ip addresses to allow access to public internet.

This should mean a change in an ACL that defines NAT or similar activity.

see

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/cfgnat.html#wp1067863

Hope to help

Giuseppe

New Member

Re: VPN connection ( Branch office access internet from HQ)

Dear Giuseppe and Expert,

thank you for your reply,

could you help to edit my configuration on the attach file.

So, in the attach file the VPN site to site is working and internet ASA is working also,

i would like to u help me as below:

1- At HQ if the client assign gateway 10.2.2.2 the client can access internet but cannot access to Branch by VPN?

2- The Branch Cannot access internet? I mean the HQ provide Intenet to branch)

Best Regards,

REchard

New Member

Re: VPN connection ( Branch office access internet from HQ)

Dear All,

Do you have any update?

Best Regards,

Rechard

203
Views
0
Helpful
3
Replies