Beginner

Layer2 site2site(asa)

Dear,

For a customer setup we are trying to configure a site-to-site VPN with an ASA5505 and an ASA5520.

Both sides need to be in the same subnet, so it will be a Layer2 VPN (bridge).

I've looked around but can't seem to find anything about it. Does anybody have experience with this or an example?

I have here 2 ASA5505 firewalls on my desk to test the VPN connection.

PS: I know it's better to route the traffic instead of bridging the traffic, but it's only as a backup line so no production will be going over the line.

2 ACCEPTED SOLUTIONS

Accepted Solutions
VIP Mentor

If you really need L2, then you have to deploy two routers (one on each site) and configure an IPSec/GRE-Tunnel between them. There you can bridge your traffic.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Cisco Employee

It is not possible

ASA does not support L2TP client configuration, so you can't have L2TP between 2 ASAs.

4 REPLIES 4
Cisco Employee

This is not a supported configuration on the ASA.

Beginner

If I read around, it says it's possible to make an L2TP tunnel, but I can't find it site-to-site.

So it's not possible with the ASA, but with a regular router it would be possible?

PS: it's not supported or it's not possible ;-)? Because it would only be as a backup line (max. 4h SLA).

There will be a Layer-2 tunnel provided by the provider, but they want a backup over the internet when the line is down.
