Announcement

Collapse
No announcement yet.

Cisco VPN Help

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco VPN Help

    Hi

    I have got a Cisco ASA5510 that is up and running and it has got a Site to Site VPN to another office configured.

    I have also setup a Group_VPN (client dial in vpn) for home workers, but I need them to also be able to connect to devices on the other end of the Site to Site VPN.

    Does anyone know how I can do this?

    THanks

    Paul

  • #2
    Re: Cisco VPN Help

    If I understand your post correctly, you would need to enable intra-interface routing between vpn's by entering the following command:

    Code:
    same-security-traffic permit intra-interface
    I enable this on my ASA5520 so a VoIP call can be made between vpn clients (home office to home office)

    Also, be carefull with this command. You are globally allowing vpn to vpn traffic. I had to secure this by ONLY allowing VoIP traffic between vpn's by specifying ACL's. All other traffic is denied between vpn's

    Comment


    • #3
      Re: Cisco VPN Help

      Hi

      Thanks for that, how do you restrict it to just VOIP?

      Just with a normal ACL? ie DHCP VPN IP Range -> Destination only allow VOIP?

      Comment

      Working...
      X