How to create a site-to-site VPN with a SA520w and an ASA5510
I am looking for some direction or a specific examples of setting up a site to site VPN using the Sa520w and an ASA5510. the 520 is at the remote location and the ASA is at the main office. Traffic needs to flow in both directions. I have done some test using the wizards on both devices and have had success creating the VPN but have not been able to get traffic to route through the tunnel. any help would be greatly appreciated.
Re: How to create a site-to-site VPN with a SA520w and an ASA551
The basic idea is to make sure the whole subnet is allowed through the VPN tunnel. The ASA is an enterprise device and is considerably more robust in capabilites, however the SA is slightly more limited in the fact that you cannot route multiple subnets through the vpn tunnel.
Make sure you have the SA set to allow the remote subnet access to the local network.
One thing I have not tried is setting up a "supernet" if you will.
Site A has 5 networks with the 192.168.x.x prefix and a subnet mask of /24.
Site B has 5 networks with the 10.2.x.x prefix and the subnet mask of /24.
Site A will advertise 192.168.0.0 /16 through the VPN tunnel and Site B will advertise 10.2.0.0 /16 the opposite way.
Therefore, if Site A has the SA you could set the remote lan ip for 10.2.0.0//// 255.255.0.0
I have not personally tested this but I think it could be done and actually work. If you do try this, please let us know how it goes.
P.S. Does the tunnel actually connect, or does the status stay as IPSec not established.
Small businesses are facing the realities of the new normal and wondering what are the best ways to monitor, protect, manage and grow. Cisco understands the unique needs of small businesses and is committed to help overcome their top IT challenges. The fi...
What does the new normal mean for small business? Join this CiscoChat to learn how Cisco Designed, the portfolio curated for small business, can help small businesses adapt and thrive through the new normal and beyond.
We'll take your questions live...
Hi, i have an RV130W Wireless VPN router on which contrary to all advertisements i do not have gigabit LAN.The port links state 1000 full duplex however any LAN transfer is capped at about 20MBps, primarily because the router CPU reaches 100%. So this giv...
Join us in an exclusive Cisco Customer Connection briefing for a demonstration on the management capabilities within the Cisco Business Wireless product line for small businesses. For the lone-IT-superman, it is critical that the network products are easy...
This may be a simple question so I hope someone can help. We have several Cisco SG300\500 switches in L2 mode. Each switch has 8 VLANS and VLAN 1 is still native (For now). We do all routing between VLAN's on our firewall. After reading several ...