Re: VPN Scenario

Imran Irshad · ‎05-10-2011

Dear VPN Experts,

I have configured Cisco ASA 5550 as VPN Server with Static IP in H.O 1

In Branch 1,2,3,4, we have configured Cisco ASA 5505 as VPN client.

Both side commendations is working fine.

Question:

1: We wanna add more Two Cisco ASA 5550 in H.02 and H.03 which will communicate with H.O1 and Branch 1,2,3,4.

2: Can branches communicate each other?

3: can braches communicate with H.0 1 and also H.O2 & H.O3

Pls. view attached Scenario JPG

.

Kindly advice

Any Solution

I.A

andamani · ‎05-10-2011

The branches cannot communicate with each other as they are RA VPN setups.

You will need to define a seperate VPN profile for each H.O.2 and H.O.3 on the vpn client. Also you will need to make RA VPN connection configuration both the firewalls.

But at a time a RA VPN can connect to just one H.O..

If you want to access the H.O.2 & 3 when connected to H.O.1, then you will need to define ur interesting traffic on HO1 as

1. permit network behind HO2 to pool ip

2. permit network behind HO3 to pool ip

Also nat exempt the traffic mentioned above. Configure same-security permit intra interface.

Hope this helps.

Regards,
Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

Imran Irshad · ‎05-15-2011

Hi Anisha,

It means we can communicate with Branches through H.O 1 if we will access from H.O 2 or H.O 3

Regards

I.A

andamani · ‎06-12-2011

i guess so

Hope this helps.

Regards,
Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.