cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
419
Views
0
Helpful
2
Replies

Connectivity between VPN tunnel and VPN Site-to-Site

Itamarari
Level 1
Level 1

Hi guys,

When my users are connecting to their remote VPN (ASA 5510) they can't reach subnets which are connected through VPN site to site (Same ASA). How can I resolve this?
Thanks

Sent from Cisco Technical Support iPhone App

2 Replies 2

srikanth ath
Level 4
Level 4

First thing to be cleared.

Have you created the interesting traffic as VPN-Client Pool Subnet  to allow on the tunnel you want the connectivity.

Lets say:

VPn-client pool : 10.10.10.0/24

SiteA :Your inside subnets

siteB : 192.168.1.0/24

Assuming Site B as your remote end Site and site A as your end.

You should created the interesting traffic from the both sides  to allow VPN-client Pool to the tunnel on either side of sites.

access-list 100 10.10.10.0 0.0.0.255 192.168.1.0 0.0.0.255

Hope this helps you..

Let me know if you need any assistance.

Kindly, rate the helpful posts.

Regards,

Srikanth

Hi Itamar,

Please use the following command:

===> IPSEC and Hairpining use <===

same-security-traffic permit intra-interface

What´s happening, yours clients are coming at the same outgoing interface "outside" and it´s disable by default on ASA plataform.

Please take a look if your split tunnel has remote segments at the policy and of course your remotes devices "VPNs" needs to have the vpn client segments at phase "2" policy.

Please let me know

Good luck.

Fabio Jorge Amorim