[c-nsp] Cisco ASA vpn hairpin
Garrett Skjelstad
garrett at skjelstad.org
Mon Sep 5 23:45:28 EDT 2016
without configs, how can anyone help you? Post sanitized pertinent
information. (ACLs, P1/P2 informations)
On Mon, Sep 5, 2016 at 3:55 PM, Pavel Dimow <paveldimow at gmail.com> wrote:
> Hi guys,
>
> I have a big problem in my setup and I don't know how to solve it plus it's
> urgent :(
>
> I have ASA1 and ASA2 and L2L IPSec tunnel. Everything working fine. Now, I
> have vpn users that use l2tp over ipsec to dialin in ASA1. They tunnel all
> traffic to ASA1. Everything is working fine, thay can access all hosts on
> ASA1 and they can browse the internet. The only thing that is not working
> is that they can't access the hosts located on ASA2. I checked crypto ACL,
> ACL and NAT rules everything looks fine. I have same-security-traffic
> permit inter-interface on ASA1. Anyone here who can help me please?
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list