Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

VPN site to site

  • Filter
  • Time
  • Show
Clear All
new posts

  • VPN site to site

    Dear brother and sister,

    Please greeting from me, i am a new member in this forum. because i have some problem about vpn site to site. i am using ASA 5510 and it is running VPN 1 connection already but recently i have to build 1 more connection with the old IP address peer but different range ip address of local network at my partner .and i don't know what should i add configuration to my ASA to match to my partner site

    + This is my IP peer as example:
    this is my IP local that i have NAT it to my new one IP public address
    (1) ->
    (2) -> server)

    + My partner side
    this is Their ip peer
    their ip local
    note that we have done with (1) and it is working, but the problem is when we make a new connection with (2).

    Here is what i have done in ASA

    access-list outside_cryptomap extended permit ip host host
    access-list outside_cryptomap extended permit ip host host

    static (inside,outside) netmask
    static (inside,outside) netmask
    crypto ipsec transform-set ipsecset esp-3des esp-md5-hmac
    crypto map outside-map 1 match address outside_cryptomap
    crypto map outside-map 1 set pfs
    crypto map outside-map 1 set peer
    crypto map outside-map 1 set transform-set ipsecset
    crypto map outside-map 1 set security-association lifetime seconds 28800
    crypto isakmp policy 1
    authentication pre-share
    encryption 3des
    hash MD5
    group 2
    lifetime 86400
    tunnel-group type ipsec-l2l
    tunnel-group ipsec-attributes
    pre-shared-key *****

    Any one can guide me what configuration should i add more to my ASA
    i am sorry first because i have problem with my English.

    thanks with best regard,