05-19-2008 03:57 AM - edited 03-09-2019 08:43 PM
dear sir
I have Remote IPSec VPN configured on ASA5510, but we need to lets a VPN client send IPSec-protected traffic to another VPN user, something called "hairpinning",
anyway, I've configured following the manual:
1,same-security-traffic permit intra-interface
2,access-list vpn permit ip 172.16.99.0 255.255.255.0 172.16.99.0 255.255.255.0
3,nat (outside) 0 access-list vpn
but it does not work, attached as my configuration, who can check for me?
Thanks
tom
05-19-2008 05:10 AM
Your split tunnel acl is only encrypting traffic to 192.168.1.0. I think you should add 172.16.99.0.
access-list Mukdahan_splitTunnelAcl standard permit 172.16.99.0 255.255.255.0
05-19-2008 05:18 AM
great, it's work.
thank you very much
05-19-2008 05:23 AM
Good to hear, thanks for the rate.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide