11-08-2022 05:44 AM
Hello,
I need to create a new VLAN with internet access. In the Cisco firewall, on the particular context, I created a new interface. Internet works, all OK.
The problem is that the subnet is the same as the subnet on the customer side, which is connected to us over VPN. The moment I enable the interface, the ping over VPN stops.
How can I make sure that I can use subnet 10.10.0.0 on our side but at the same time the connection to 10.10.0.0 over vpn does not break? VPN is connected from 10.11.0.0 to 10.10.0.0, so another interface in the same context.
In the end we will do an overlapping VPN, but first we need to test some things out and the network 10.10.0.0 on our side is not allowed to speak to the customer and also not to the other interfaces.
Thanks!
11-08-2022 06:08 AM - edited 11-08-2022 06:18 AM
Is this an ASA FW? Look at the example below:
Another good one:
11-08-2022 06:18 AM
Yes, ASA FW. Right now I am looking for the connection to work without disrupting the existing VPN.
10.10.0.0 must exist in our network, it must not speak to the customer side, so for now I do not need the overlapping VPN.
But since we already have a vpn on this context from 10.11.0.0 to 10.10.0.0, the moment I enable the interface, I lose the ping over VPN.
11-08-2022 10:19 AM
If you are not overlapping, you do not need the one I referenced.
But since we already have a vpn on this context from 10.11.0.0 to 10.10.0.0, the moment I enable the interface, I lose the ping over VPN.
Post the config.