[c-nsp] Cisco ASA vpn hairpin
Murat Kaipov
mkkaipov at gmail.com
Tue Sep 6 00:53:59 EDT 2016
Hello, it looks like NAT rules issue.
> 6 сент. 2016 г., в 1:55, Pavel Dimow <paveldimow at gmail.com> написал(а):
>
> Hi guys,
>
> I have a big problem in my setup and I don't know how to solve it plus it's
> urgent :(
>
> I have ASA1 and ASA2 and L2L IPSec tunnel. Everything working fine. Now, I
> have vpn users that use l2tp over ipsec to dialin in ASA1. They tunnel all
> traffic to ASA1. Everything is working fine, thay can access all hosts on
> ASA1 and they can browse the internet. The only thing that is not working
> is that they can't access the hosts located on ASA2. I checked crypto ACL,
> ACL and NAT rules everything looks fine. I have same-security-traffic
> permit inter-interface on ASA1. Anyone here who can help me please?
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list