
Using VPN Client to access remote network over L2L

Thiago Cella
Level 1

I'm trying to configure an ASA 5505 with VPN Client to access a remote network over an L2L with another ASA 5505, but with no success. Is there any special feature needed for this to work?

Follow the topology

tks

vpn client.jpg

Accepted Solutions

Jouni Forss
VIP Alumni

Hi,

You need to make sure you have the following configured

  • same-security-traffic permit intra-interface
    • This will allow the VPN Client traffic to enter the ASA and leave it through the same interface
  • If you are using Split Tunnel ACL with the VPN Client, make sure that the ACL has the Remote Site network included
    • If you are using Full Tunnel this won't be an issue
  • Make sure that the L2L VPN ACL that defines the "interesting traffic" includes the VPN Client Pool on both sides of the L2L VPN
  • Configure a NAT0 on the VPN Client ASA "outside" interface that does NAT0 for VPN Client Pool to Remote Site Network

If you have some actual configuration to share I can try to help with those. Otherwise I can only give some general things like the ones above to check.

- Jouni
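
The checklist in the answer above, written out as ASA configuration. This is an added example, not configuration from the thread or from either poster: every subnet and ACL name is constructed, the interface names "outside" and "inside" are assumed, and the pre-8.3 NAT syntax is used because the answer speaks of NAT0.

```cisco
! Constructed example values (assumptions, not from the thread):
!   VPN Client pool         192.168.100.0/24
!   Local LAN (client ASA)  10.10.10.0/24
!   Remote Site LAN         10.20.20.0/24
!   ACL names SPLIT-TUNNEL, L2L-VPN, OUTSIDE-NAT0, INSIDE-NAT0 are hypothetical

! ===== ASA that terminates the VPN Client =====
! 1. Allow traffic to enter and leave through the same interface (hairpin on "outside")
same-security-traffic permit intra-interface

! 2. Split tunnel only: the Remote Site network must be in the split-tunnel ACL
access-list SPLIT-TUNNEL standard permit 10.10.10.0 255.255.255.0
access-list SPLIT-TUNNEL standard permit 10.20.20.0 255.255.255.0

! 3. L2L "interesting traffic": add VPN Client pool -> Remote Site
access-list L2L-VPN extended permit ip 10.10.10.0 255.255.255.0 10.20.20.0 255.255.255.0
access-list L2L-VPN extended permit ip 192.168.100.0 255.255.255.0 10.20.20.0 255.255.255.0

! 4. NAT0 on "outside" for VPN Client pool -> Remote Site (pre-8.3 syntax)
access-list OUTSIDE-NAT0 extended permit ip 192.168.100.0 255.255.255.0 10.20.20.0 255.255.255.0
nat (outside) 0 access-list OUTSIDE-NAT0
!    On 8.3 and later the equivalent is a twice-NAT rule, with VPN-POOL and
!    REMOTE-LAN defined as network objects:
!    nat (outside,outside) source static VPN-POOL VPN-POOL destination static REMOTE-LAN REMOTE-LAN

! ===== Remote Site ASA =====
! Mirror of step 3: Remote Site -> VPN Client pool
access-list L2L-VPN extended permit ip 10.20.20.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list L2L-VPN extended permit ip 10.20.20.0 255.255.255.0 192.168.100.0 255.255.255.0
! Assumption (not stated in the thread): this ASA NATs its LAN, so return
! traffic to the VPN Client pool needs a NAT exemption as well
access-list INSIDE-NAT0 extended permit ip 10.20.20.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list INSIDE-NAT0 extended permit ip 10.20.20.0 255.255.255.0 192.168.100.0 255.255.255.0
nat (inside) 0 access-list INSIDE-NAT0
```

`same-security-traffic permit intra-interface` is a global setting, so it permits hairpinning on every interface, not only for this VPN. If the VPN Client pool should reach only part of the Remote Site, narrow the crypto ACL entries or apply a `vpn-filter` ACL in the client's group policy.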

Tks JouniForss!!!

When I configured the command "same-security-traffic permit intra-interface", the connection worked!

TKS!