Clientless SSL VPN - Can it access other site-to-site VPN networks?

will.cada · ‎07-13-2009

Hello,

We currently have an ASA 5510 at one of our sites with about 3 other site-to-site VPN's connected to it for all our branch offices. I setup the Clientless SSL VPN(WebVPN) and I can access everything on the local network that the ASA is attached to, is there anyway to be able to access the other end of the site-to-site VPN's tunnels through the Clientless SSL VPN?

I have it setup where the SSL VPN(Anyconnect) and the older Cisco IPSec clients can access the other end of the site-to-site tunnels. The only reason I need the configure the Clientless SSL VPN is that we have some remote users that need to access various servers all over our entire network from their home PC.

Any Ideas?

Thank you,

Will Cada

jbayuka · ‎07-17-2009

You can access the other end of the site-to-site VPN tunnels through the Clientless SSL VPN. Make sure that all sites have connectivity between each other.

r.broschinski · ‎08-12-2009

did anyone get his setup working. i did this in a lab and it was not possible to access remote location over vpn tunnel through clientless ssl because of routing. the clientless traffic was not encrypted and sent directly via asa outside interface.

m-ketchum · ‎10-03-2009

Any luck getting this to work?

auraza · ‎10-08-2009

In your crypto ACLs for the site-to-site tunnels, add the ASA's public IP destined to the remote network, and mirror this ACL on the remote end VPN device.

Example:

ASA public IP: 2.2.2.2

Remote network: 192.168.1.0/24

access-list vpn_to_remote_network permit ip host 2.2.2.2 192.168.1.0 255.255.255.0

Mirror the above acl on the remote end router.

PS. If you found this post helpful, please rate it.

m-ketchum · ‎11-02-2009

That did the trick...thanks

universe12 · ‎11-04-2009

how do u get VPN Connections for ipod Touch using cisco?