02-03-2023 01:27 AM
Hello All,
I got into a situation where I need to configure a bidirectional Site-to-Site VPN tunnel. I have configured some S2S tunnels before as well, but the initiator of traffic was always the other side.
Now the situation is different: the other end is the application server and they want bidirectional traffic flow.
Now I don't understand how to configure this. Can anyone suggest how I should do the NATing and ACL here?
Local network :: 10.10.46.2
Remote network :: 100.238.76.50 - 100.238.76.53
Peer IP :: 100.238.124.53
Note :: the IP addresses are dummy ones
02-03-2023 01:42 AM
@sw26 on what hardware, ASA, FTD or IOS router?
By default, setting up a new VPN will always be bidirectional (either side can bring up the tunnel). You have to explicitly configure initiator or responder only, so you may not need to do anything specific there.
Assuming you are using a policy based VPN with a crypto map, then you will just need to generate interesting traffic in order to establish the tunnel.
This post provides an example to configure a policy based VPN between an ASA to IOS router. Or if you are using an FTD, here is an example on how to configure a VPN on the FTD.
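Added example, not part of the original thread and not Cisco's own configuration: a minimal ASA policy-based (crypto map) sketch using the dummy addresses from the question. The interface names `inside`/`outside`, the object, ACL and crypto map names, the choice of IKEv2 with these proposals, and the pre-shared key placeholder are all assumptions.

```cisco
! Constructed example. Names, interfaces and proposals are assumptions.
object network LOCAL-HOST
 host 10.10.46.2
object-group network REMOTE-SERVERS
 network-object host 100.238.76.50
 network-object host 100.238.76.51
 network-object host 100.238.76.52
 network-object host 100.238.76.53
!
! Interesting traffic (crypto ACL). The peer must configure the mirror image.
access-list VPN-TO-PEER extended permit ip object LOCAL-HOST object-group REMOTE-SERVERS
!
! Identity NAT (NAT exemption): addresses stay untranslated in both directions,
! so sessions started by either side match the crypto ACL.
nat (inside,outside) source static LOCAL-HOST LOCAL-HOST destination static REMOTE-SERVERS REMOTE-SERVERS no-proxy-arp route-lookup
!
crypto ikev2 policy 10
 encryption aes-256
 integrity sha256
 group 14
 prf sha256
 lifetime seconds 86400
crypto ikev2 enable outside
!
crypto ipsec ikev2 ipsec-proposal ESP-AES256-SHA256
 protocol esp encryption aes-256
 protocol esp integrity sha-256
!
tunnel-group 100.238.124.53 type ipsec-l2l
tunnel-group 100.238.124.53 ipsec-attributes
 ikev2 remote-authentication pre-shared-key <PSK-PLACEHOLDER>
 ikev2 local-authentication pre-shared-key <PSK-PLACEHOLDER>
!
crypto map OUTSIDE-MAP 10 match address VPN-TO-PEER
crypto map OUTSIDE-MAP 10 set peer 100.238.124.53
crypto map OUTSIDE-MAP 10 set ikev2 ipsec-proposal ESP-AES256-SHA256
! No "set connection-type" line: the default is bidirectional, so either
! side can bring the tunnel up.
crypto map OUTSIDE-MAP interface outside
```

With the default `sysopt connection permit-vpn`, decrypted traffic from the peer bypasses the outside interface ACL, so restricting what the remote servers may reach on 10.10.46.2 needs a VPN filter or disabling that default and writing explicit rules.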
02-06-2023 04:06 AM
Hi Rob,
I am using an ASA firewall on my end, and the device at the other end is a think pad, which I got to know just now.
It's new for me; I have never seen a situation like this before. Also, they are using all public IP addresses for the interesting-traffic servers and are not doing any NATing.
I am clueless now about how the config will look.
02-06-2023 04:13 AM
@sw26 a "think pad"? Are you sure? This is a computer, so you wouldn't establish a Site-to-Site VPN; you would use a Remote Access VPN using the AnyConnect VPN client.
02-07-2023 05:24 AM
Hi Rob ,
Sorry, actually the user confirmed that yesterday by email. Now I have contacted their network team by phone and got to know that they have a VMware Edge device (where they will configure the Site-to-Site VPN).
02-03-2023 02:27 AM
Are you running a dynamic VPN?
If yes, then by default only the dynamic peer initiates the traffic.
02-06-2023 04:06 AM
Hi,
No, I am using a static VPN.
02-07-2023 06:34 AM
As you updated us, I think that VMware uses remote access (dynamic), not S2S.