Remote Access configuration for hybrid Hub-and-Spoke networks
Posted on 2007-10-01
Need some help in configuring remote access VPN via PIX.
1. Local network, say network A: 10.10.x.x. With connection to Internet and other site via MPLS.
2. Other site1, say network C: 10.15.x.x.
3. 'spoke' sites from network A, say network B: 10.11.x.x. Appliance used for Site-to-site VPN between B and A is Cisco PIX 515 with PIX 7.2.
So far, all is well between the 3 networks. Traffic is allowed between A, B and C with A as the 'hub' between B and C. Users on network A and B are accessing an application server in network C just fine. Users on B are accessing network C via network A's MPLS.
I now want remote access users from home, to VPN into site A, and still able to access applications hosted in site C. VPN address pool allocated is 192.168.x.x.Packet Tracer on ASDM is used to trace packet from 192.168.x.x to 10.11.x.x to be successful, but the testing revealed otherwise.
What else can I look into to ensure connectivity for Remote Access to network C via tunneling into A?