Solved: Remote Access VPN to Branch Office

dbeattie · ‎12-01-2006

If I have a branch office and head office, both with ASA5510s, linked via an IPSec VPN, can a Remote Access VPN user (VPN Client) establish one VPN to the head office site and connect to devices at the branch office site, back over the site-to-site VPN? This could never be done with PIXs because the traffic had to go out the same interface that it came in by. In this instance I had to use a PIX and a VPN concentrator. I am hoping that since the ASA is PIX+VPNConc+IPS it will be able to do it in a single box.

Thanks

Dave

spremkumar · ‎12-01-2006

Hi

You can try the below command for permitting the traffic between intra/inter interface.

same-security-traffic permit intra-interface

or

same-security-traffic permit inter-interface

http://www.cisco.com/en/US/customer/products/ps6120/products_command_reference_chapter09186a008063f0fb.html#wp1289167

regds

View solution in original post

spremkumar · ‎12-01-2006

Hi

You can try the below command for permitting the traffic between intra/inter interface.

same-security-traffic permit intra-interface

or

same-security-traffic permit inter-interface

http://www.cisco.com/en/US/customer/products/ps6120/products_command_reference_chapter09186a008063f0fb.html#wp1289167

regds

HDTTamHaiAn · ‎06-28-2007

Hi spremkumar,

Is it possible if I change the device from ASA to 2 Cisco 877 connect over ADSL?

Both devices conect as site-to-site VPN to each-other.

And this system also support teleworker to remote connect to them via VPN client? (For ex: make a voice call)

And the last is Cisco877-SEC-K9 supports maximum 5 VPN connection? Is it includes the site-to-site connection or just the remote?

Thank you,