Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
0
Helpful
1
Replies

VPN hairpin

James Simpson
Level 1
Level 1

‎05-10-2011 07:46 AM - edited ‎03-04-2019 12:20 PM

Hi All

I have two ASa firewalls

one firewall subnet 192.168.2.0 /24 has EZ VPN set up onit talking to the other firewall 192.168.5.0/24

of the firewall 192.168.5.0 has a DMZ subnet 172.16.10.0/24

User VPN into the firewall of 192.168.2.0 the VPN range 10.99.13.0/24

they cannot access the 172.16.10.0 subnet

access-list on teh VPN are there

on both sites 192.168.2.0 172.16.10.0 and vice versa there is an access-list been configured for splint for the VPN pool range

Please can some one help

Labels:
0 Helpful
1 Reply 1

andrew.prince
Level 10
Level 10

‎05-10-2011 08:50 AM

Check your:-

1) No-nat you are traversing an "inside" interface to a "DMZ" interface, there will be NAT invloved - on both devices

2) Check your routing - the firewalls are NOT routers, so check your static/dynamic routes

3) Triple make sure you are allowing the specific IP subnet for the remote users.

Harpin is traffic entering an interface and leaving the same interface - what you are trying to do does NOT sound like hairpin

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card