ASA S2S VPN

stephen jeffrey
Level 1

Hi, I have an ASA on 9.1 that has a number of existing S2S VPNs that are all working fine, the interesting traffic being the subnets used at each site. I now have a requirement, for a web security product we are looking at, to create a S2S to tunnel all traffic from my internal clients to a cloud service. This would involve setting up a S2S with the destination interesting traffic being "any". Technically I suppose this is an overlapping network as far as VPN traffic is concerned, but how will it work in practice? Will the remote site interesting traffic "win" and use the current S2S, only using the new one when traffic is not for those subnets, or will all my traffic pass down the new "any" S2S? Any ideas or help greatly received. Ta

3 Replies

pjain2
Cisco Employee

If you have "any" as the destination defined in the VPN traffic, and if the tunnel with the "any" destination is up, the traffic for your specific destination will also try to go through the "any" destination tunnel.

So I guess I either have to create a new subnet for desktop clients to use so the source IP is different, or use an additional VPN device as the web filtering S2S initiator. Are these my only options?

Yeah, I guess.