How to allow traffic between remote VPN subnet and site-to-site VPN subnet?


  • gustaav
    Member
    #165801

    Hello. We have this VPN scenario with our Cisco ASA firewalls:

    • Our main office’s LAN subnet: 172.16.0.0/25
    • Our branch office’s LAN subnet: 172.16.1.0/25
    • Our branch office’s IP pool for remote VPN: 172.16.1.128/25

    There’s a site-to-site VPN configured between the Cisco ASA firewall of the main office and the Cisco ASA firewall of the branch office. The branch office has several VPN remote users. So:

    • Traffic between subnets 172.16.0.0/25 and 172.16.1.0/25 works fine.
    • Traffic between subnets 172.16.1.0/25 and 172.16.1.128/25 works fine through Cisco VPN client.

    The question is: What ACL/NAT configuration do I need in the branch’s firewall in order to allow traffic between 172.16.1.128/25 subnet and 172.16.0.0/25 subnet?
    Thanks in advance!
