Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
465
Views
0
Helpful
3
Replies

Route RAVPN traffic over site to site tunnel

ironman28
Level 1
Level 1

‎11-29-2022 06:25 AM

We have users able to RAVPN to an office, but can't access another office.  There is a site-to-site VPN tunnel between the two offices.  The IPs user get when the remote in is 10.10.20.0/24 and the site they try to get to is 172.16.30.0/24.

Is this a routing issue or do I need to include the RAVPN subnet in the site-to-site tunnel or NAT issue?

0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎11-29-2022 06:42 AM

@ironman28 you need to configure the command same-security-traffic permit intra-interface to allow the traffic to hairpin back out the same (outside) interface. You would need a NAT exemption rule to ensure the RAVPN ip pool networks are not unintentially translated. And you would also need to modify the crypto ACL (on both peers) to allow the RAVPN network over the S2S VPN.

0 Helpful

ironman28
Level 1
Level 1
In response to Rob Ingram

‎12-01-2022 06:26 AM

Rob, 

Thank you for the suggestion.   It looks like we were able to fix it.   

If we want to limit the remote access VPN users to some servers over the S2S VPN, where should I apply the ACL?

Thanks,

0 Helpful

MHM Cisco World
VIP
VIP

‎11-29-2022 06:56 AM

can you share config ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card