cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1446
Views
0
Helpful
1
Replies
Highlighted
Beginner

ASA Site to Site VPN

Hello

I use a ASA 5510 and a ASA 5505 and want to connect 2 networks via VPN
ASA software version is 8.41.
Network 1 has address 192.168.90.0
Network 2 has the address 192.168.5.0

I use site to site VPN wizard on both asa and create the VPN connection.
do I need to create acl after that?
the PCs on network 1 must have access to a resource in the network 2
how do I create static routing to connect the both Network.

Sincerely

Jan

Everyone's tags (4)
1 REPLY 1

Re: ASA Site to Site VPN

Hi,

If you're following the VPN wizard on ASDM, you should get asked about the protected networks that are going to be communicating through the tunnel (ACLs).

After the wizard finishes it will show the configuration that is going to be applied for this tunnel.

There are several kind of ACLs that you should be concerned about.

Crypto ACLs --> to encrypt the traffic between sites

NAT ACLs --> to define which traffic is going to be exempt from NAT (interesting traffic)

Interface ACLs --> to permit traffic to flow through the interface

VPN traffic is by default exempt of being check by the outside interface ACL so you don't need to worry about it.

If you're doing everything from the CLI you should pay close attention to all the commands and ACLs, but if just following the wizard via ASDM, then the ASA should pretty much create the configuration that you need for you (obviosuly this depends on what configuration is already in place in the ASA).

Hope it helps.


Federico.