[c-nsp] VPN L2L connecting to SSL VPN user?

Brandon Ewing nicotine at warningg.com
Tue Dec 6 13:43:47 EST 2011

On Tue, Dec 06, 2011 at 09:24:11AM -0800, Scott Voll wrote:
> I think that was the one I was asking about.... unfortunately I already
> have it.... must be my config.  Thanks.
> Scott

If you're running 8.1 or 8.0 code, you'll need a nat 0 statement for your
outside interface that the SSLVPN is terminating on, matching traffic from
SSLVPN net to L2L VPN nets.

8.2 or 8.3/4, identity NAT statements as mentioned, with (outside,outside)
as the interface pair. 

Also, make sure that if you're using split-tunnel specified, that the L2L
VPN routes are being sent to the SSLVPN user.

I'd suggest using packet-tracer to debug, but you can't really simulate
incoming encrypted traffic using it. :/

Brandon Ewing                                        (nicotine at warningg.com)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20111206/791b50dd/attachment.sig>

More information about the cisco-nsp mailing list