[c-nsp] VPN L2L connecting to SSL VPN user?
Brandon Ewing
nicotine at warningg.com
Tue Dec 6 13:43:47 EST 2011
On Tue, Dec 06, 2011 at 09:24:11AM -0800, Scott Voll wrote:
> I think that was the one I was asking about.... unfortunately I already
> have it.... must be my config. Thanks.
>
> Scott
If you're running 8.1 or 8.0 code, you'll need a nat 0 statement for your
outside interface that the SSLVPN is terminating on, matching traffic from
SSLVPN net to L2L VPN nets.
8.2 or 8.3/4, identity NAT statements as mentioned, with (outside,outside)
as the interface pair.
Also, make sure that if you're using split-tunnel specified, that the L2L
VPN routes are being sent to the SSLVPN user.
I'd suggest using packet-tracer to debug, but you can't really simulate
incoming encrypted traffic using it. :/
--
Brandon Ewing (nicotine at warningg.com)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20111206/791b50dd/attachment.sig>
More information about the cisco-nsp
mailing list