08-19-2008 12:56 AM
Dear All expert,
please help me to solve this problem,
right now my HQ and branch link by VPN but i would like to do 2 branch access by VPN( i mean that now all the branch can access to HQ only but Branch to Branc cannot access .
Could you let me know how can i do it?
Best Regards,
Join
08-19-2008 12:59 AM
Join,
For the branch sites to be able to communicate to each other via your HQ add the below config into the HQ VPN device:-
same-security-traffic permit intra-interface
This will allow traffic from branch 1 to "hairpin" to branch 2 via HQ.
HTH>
08-19-2008 02:33 AM
Dear HTH,
Thanks you for your advice.
After i put command that you gave me it mean Branch1 can access Branch2, right? and have more security or not?
Best Regards,
Join
08-19-2008 02:40 AM
That is correct - it allows access from Branch 1 to Branch 2. There is no added security from this, if you want security - I suggest you think about acl's in the inbound of the inside interface at both locations.
08-19-2008 06:23 PM
Dear Andrew,
Thanks your for your advice.
i understood that you advice.
Could you show me Acl that allow Branch1 can access to Branch2? so we need to add Acl on ASA HQ, Branch1 and Branch2? which one that we have to add Acl.
Best Regards, :)
Join
08-20-2008 06:07 PM
Dear All and Andrew,
Do you have any advice?
Best Regards,
Norung
08-21-2008 12:36 AM
What services at Branch 1 and 2 would need to be used?
Are they the same company? Are they the same type of users? Do you need to limit access?
03-07-2019 07:31 AM
08-21-2008 03:40 AM
Hi Join
first, the solusion that has been given by andrew is 100% the right one
and i just wanna give this link if u read and follow it it let u solove ur case 100% and it is setp by step guid
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807f9a89.shtml
good luck
please, if helpful rate
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide