Re: [fw-wiz] Cisco AnyConnect Remote Access to L2L tunnels



Hey Todd--

A couple questions:
1) Is the ASA a peer for the L2L tunnels?
2) Are crypto maps for the L2L tunnels on the same interface as the
AnyConnect VPN?
3) Do you have the hairpin enabled?
4) Can you send a copy of the ASA configuration?

cjw



On Wed, Jun 10, 2009 at 1:17 PM, Todd Simons<tsimons@xxxxxxxxxxxxxxx> wrote:
Hello All

We are using the Cisco AnyConnect Client for our remote user’s access, with
a global tunnel.   Internally we have a few corporate locations that are
linked by L2L tunnels (lets call it Site A, Site B and Site C).   The Remote
Access clients who connect to Site A can’t seem to use the L2L to Site B and
Site C.

Has anyone seen a document explaining how to do this?

Todd Simons

Lead IT Engineer

TSimons@xxxxxxxxxxxxxxx



Delphi Technology, Inc.

303 George Street, 5th Floor

New Brunswick, NJ  08901

www.delphi-tech.com



Experience, Innovation... Results.

## Scanned by Delphi Technology, Inc. ##

CONFIDENTIALITY NOTICE
This e-mail message from Delphi Technology, Inc. is intended only for the
individual or entity to which it is addressed. This e-mail may contain
information that is privileged, confidential and exempt from disclosure
under applicable law. If you are not the intended recipient, you are hereby
notified that any dissemination, distribution or copying of this
communication is strictly prohibited. If you received this e-mail by
accident, please notify the sender immediately and destroy this e-mail and
all copies of it.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: Two external ips (IPSEC problem)
    ... I have an ASA 5510 in our central office that connects our other ... All but one office is on static public ips, ... I do site-to-site tunnels to all the offices but i have a problem with ... interface. ...
    (comp.dcom.sys.cisco)
  • Re: Two external ips (IPSEC problem)
    ... offices around the country (The smaller offices has ASA 5505:s). ... All but one office is on static public ips, ... cause i've understood that's the only way to do dynamic tunnels in ... I'm not trying to set up dynamic remote access VPN, ...
    (comp.dcom.sys.cisco)
  • Re: terminating IPSec vpn on multiple interfaces
    ... second interface, ... through two different interfaces on asa. ... If you want to have two different tunnels to a remote site you may try to ...
    (comp.dcom.sys.cisco)
  • Re: Suggestion for a VPN concentrator?
    ... do you have any any suggestion for a concentrator that should manage about 100 connection from teleworkers? ... Is the ASA series the only one available for this purpose? ... I would recommend ASA 5510 which can support 150 tunnels. ...
    (comp.dcom.sys.cisco)