[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 230
  • Last Modified:

Routing changes

Hi All,

We currently have a working VPN using the following setup

10.100.0.0 -> Cisco ASA <INTERNET> Cisco 877 -> 10.200.0.0

and need to add a new subnet at each site of 10.101.0.0 and 10.201.0.0 respectivley.

Is it possible to configure this on the ASA & Cisco 877, if so does anyone have any sample configuration?

Thanks
0
Compaq_Engineer
Asked:
Compaq_Engineer
  • 2
1 Solution
 
JFrederick29Commented:
You simply need to add additional entries to the crypto access-list on each side.

On the ASA side:

access-list <name> extended permit 10.100.0.0 255.255.0.0 10.200.0.0 255.255.0.0   <--already exists
access-list <name> extended permit 10.100.0.0 255.255.0.0 10.201.0.0 255.255.0.0
access-list <name> extended permit 10.101.0.0 255.255.0.0 10.200.0.0 255.255.0.0
access-list <name> extended permit 10.101.0.0 255.255.0.0 10.201.0.0 255.255.0.0

On the 877 side:

access-list <name> extended permit 10.200.0.0 255.255.0.0 10.100.0.0 255.255.0.0  <--already exists
access-list <name> extended permit 10.200.0.0 255.255.0.0 10.101.0.0 255.255.0.0
access-list <name> extended permit 10.201.0.0 255.255.0.0 10.100.0.0 255.255.0.0
access-list <name> extended permit 10.201.0.0 255.255.0.0 10.101.0.0 255.255.0.0
0
 
JFrederick29Commented:
Copy/paste error:

You simply need to add additional entries to the crypto access-list on each side.

On the ASA side:

access-list <name> extended permit 10.100.0.0 255.255.0.0 10.200.0.0 255.255.0.0   <--already exists
access-list <name> extended permit 10.100.0.0 255.255.0.0 10.201.0.0 255.255.0.0
access-list <name> extended permit 10.101.0.0 255.255.0.0 10.200.0.0 255.255.0.0
access-list <name> extended permit 10.101.0.0 255.255.0.0 10.201.0.0 255.255.0.0

On the 877 side:

ip access-list ext <name or number>
permit 10.200.0.0 255.255.0.0 10.100.0.0 255.255.0.0  <--already exists
permit 10.200.0.0 255.255.0.0 10.101.0.0 255.255.0.0
permit 10.201.0.0 255.255.0.0 10.100.0.0 255.255.0.0
permit 10.201.0.0 255.255.0.0 10.101.0.0 255.255.0.0
0

Featured Post

Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now