06-13-2023 01:46 AM
Hi,
I am trying to establish a connection between two site-to-site IPsec tunnels, both of which are terminating in the same ASA. So I have Site A, Site B and Site C. Site A and Site C have an IPsec tunnel to Site B, but not between them. So I would like to connect Site A and Site C through Site B. How can I achieve this?
BR
06-13-2023 01:50 AM - edited 06-13-2023 01:53 AM
Site A
ip route lan site c toward site b ip
Acl of s2s vpn
Permit ip local Lan remote lan of site c
Site C
ip route lan site a toward site b ip
Acl of s2s vpn
Permit ip local Lan remote lan of site a
Site B
ip route lan site a toward site a ip
ip route lan site c toward site b ip
Acl of two s2s vpn
First one
Permit ip lan site a remote lan site c
Second
Permit ip lan site c remote lan site a
06-13-2023 02:04 AM
Thank you for the reply,
Let's say:
In site A, I have added the network 10.10.20.0/24 in the tunnel in Meraki under private subnets. This tunnel terminates in Site C. In Azure, the guy who works with this tenant has also done his part.
Now I am a little bit confused about what to do with the ASA in site B. Should I add the 10.10.10.0/24 as a "Local Network" on the tunnel toward site C (Azure), and the 10.10.20.0/24 as "local network" on the tunnel toward site A (Meraki FW)?
BR
06-13-2023 02:24 AM
ASA must have two VPN tunnels:
toward Site A (Meraki FW), its local LAN will be 10.10.20.0/24 and remote LAN will be 10.10.10.0/24
toward Site C (Azure), its local LAN will be 10.10.10.0/24 and remote LAN will be 10.10.20.0/24
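Added example, not part of the original thread or any poster's configuration: a sketch of what the hub-side (Site B) ASA changes described in the reply above could look like in ASA 8.3+ syntax. It assumes both tunnels terminate on an interface named `outside` and that each tunnel already has a crypto ACL referenced by its crypto map entry; the object names, ACL names and interface name are placeholders.

```cisco
! Subnets as given in the thread: Site A (Meraki) = 10.10.10.0/24,
! Site C (Azure) = 10.10.20.0/24. Object names are placeholders.
object network SITE-A-LAN
 subnet 10.10.10.0 255.255.255.0
object network SITE-C-LAN
 subnet 10.10.20.0 255.255.255.0

! Spoke-to-spoke traffic enters and leaves the same interface (hairpin).
! The ASA drops it unless this is enabled.
same-security-traffic permit intra-interface

! Crypto ACL of the existing tunnel toward Site A (placeholder name):
! the "local" side is Site C's LAN, the remote side is Site A's LAN.
access-list VPN-TO-SITE-A extended permit ip object SITE-C-LAN object SITE-A-LAN

! Crypto ACL of the existing tunnel toward Site C (placeholder name):
! the mirror entry, local = Site A's LAN, remote = Site C's LAN.
access-list VPN-TO-SITE-C extended permit ip object SITE-A-LAN object SITE-C-LAN

! Only needed if an existing NAT rule would otherwise translate this
! outside-to-outside traffic: identity NAT keeps both subnets untranslated.
nat (outside,outside) source static SITE-A-LAN SITE-A-LAN destination static SITE-C-LAN SITE-C-LAN no-proxy-arp

! Verification after sending traffic between the spokes:
!   show crypto ipsec sa
! Each tunnel should list an SA for the 10.10.10.0/24 <-> 10.10.20.0/24
! pair with increasing encaps/decaps counters.
```

The crypto ACL entries decide which inter-site traffic the hub relays, so they are scoped to the two /24 subnets rather than `any`. The selectors on the Meraki and Azure ends have to mirror these entries or the additional security associations will not come up.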