09-21-2010 02:27 AM
Hi All,
I have a problem. I have 2 sites, both with ASA 5520s, and they are connected via a site-to-site VPN.
This works fine: all users in site A can access resources in site B and vice versa.
The problem comes when a user connects using a remote user VPN to site A. They cannot access or ping anything in site B, even though the FW issues them an IP in the range for site A.
I'm sure there is something simple I have missed.
Thanks
09-21-2010 03:52 AM
If the VPN Client pool is in the same subnet as site A LAN, then you are probably just missing the following:
1) Double check if you have a split tunnel policy, and that site-B LAN is included in the split tunnel ACL.
2) Configure "same-security-traffic permit intra-interface" on site A ASA.
If the above has been configured, please share the config from both ASAs to further check where the issue is.
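An added example, not part of the original posts: a small Python check that reads an ASA running-config and reports whether the two items from the reply above are in place. The config sample, the names SPLIT_RA and RA_USERS, and the site B LAN 10.2.0.0/16 are constructed assumptions; only standard split-tunnel ACLs are handled.

```python
import ipaddress
import re

# Constructed sample of a site A running-config (names and addresses are
# illustrative assumptions). Site B LAN is assumed to be 10.2.0.0/16.
SAMPLE_CONFIG = """\
access-list SPLIT_RA standard permit 10.1.0.0 255.255.0.0
group-policy RA_USERS internal
group-policy RA_USERS attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_RA
"""

def audit(config, remote_lan):
    """Return findings for the split-tunnel and hairpin checks."""
    remote = ipaddress.ip_network(remote_lan)
    findings, acls, policies, current, hairpin = [], {}, {}, None, False
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            # A non-indented line ends any group-policy attribute block.
            m = re.fullmatch(r"group-policy (\S+) attributes", line)
            current = m.group(1) if m else None
            if m:
                policies[current] = {}
        if line == "same-security-traffic permit intra-interface":
            hairpin = True
        m = re.fullmatch(r"access-list (\S+) standard permit (\S+) (\S+)", line)
        if m:
            name, a, b = m.groups()
            net = f"{b}/32" if a == "host" else f"{a}/{b}"
            acls.setdefault(name, []).append(ipaddress.ip_network(net))
        elif current and line.startswith("split-tunnel-policy "):
            policies[current]["mode"] = line.split()[1]
        elif current and line.startswith("split-tunnel-network-list value "):
            policies[current]["acl"] = line.split()[2]
    if not hairpin:
        findings.append("same-security-traffic permit intra-interface is not configured")
    for name, pol in policies.items():
        if pol.get("mode") != "tunnelspecified":
            continue  # only policies that tunnel a specified list are checked
        nets = acls.get(pol.get("acl"), [])
        if not any(remote.subnet_of(n) for n in nets):
            findings.append(f"group-policy {name}: split-tunnel ACL does not cover {remote}")
    return findings
```

Run it against the output of `show running-config` from the site A ASA; an empty list means both items are present.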
09-21-2010 04:08 AM
Excellent, thank you, you are a star!
I was missing 2.
Schoolboy error, works fine now.