Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 229
  • Last Modified:

Routing changes

Hi All,

We currently have a working VPN using the following setup

10.100.0.0 -> Cisco ASA <INTERNET> Cisco 877 -> 10.200.0.0

and need to add a new subnet at each site of 10.101.0.0 and 10.201.0.0 respectivley.

Is it possible to configure this on the ASA & Cisco 877, if so does anyone have any sample configuration?

Thanks
0
Compaq_Engineer
Asked:
Compaq_Engineer
  • 2
1 Solution
 
JFrederick29Commented:
You simply need to add additional entries to the crypto access-list on each side.

On the ASA side:

access-list <name> extended permit 10.100.0.0 255.255.0.0 10.200.0.0 255.255.0.0   <--already exists
access-list <name> extended permit 10.100.0.0 255.255.0.0 10.201.0.0 255.255.0.0
access-list <name> extended permit 10.101.0.0 255.255.0.0 10.200.0.0 255.255.0.0
access-list <name> extended permit 10.101.0.0 255.255.0.0 10.201.0.0 255.255.0.0

On the 877 side:

access-list <name> extended permit 10.200.0.0 255.255.0.0 10.100.0.0 255.255.0.0  <--already exists
access-list <name> extended permit 10.200.0.0 255.255.0.0 10.101.0.0 255.255.0.0
access-list <name> extended permit 10.201.0.0 255.255.0.0 10.100.0.0 255.255.0.0
access-list <name> extended permit 10.201.0.0 255.255.0.0 10.101.0.0 255.255.0.0
0
 
JFrederick29Commented:
Copy/paste error:

You simply need to add additional entries to the crypto access-list on each side.

On the ASA side:

access-list <name> extended permit 10.100.0.0 255.255.0.0 10.200.0.0 255.255.0.0   <--already exists
access-list <name> extended permit 10.100.0.0 255.255.0.0 10.201.0.0 255.255.0.0
access-list <name> extended permit 10.101.0.0 255.255.0.0 10.200.0.0 255.255.0.0
access-list <name> extended permit 10.101.0.0 255.255.0.0 10.201.0.0 255.255.0.0

On the 877 side:

ip access-list ext <name or number>
permit 10.200.0.0 255.255.0.0 10.100.0.0 255.255.0.0  <--already exists
permit 10.200.0.0 255.255.0.0 10.101.0.0 255.255.0.0
permit 10.201.0.0 255.255.0.0 10.100.0.0 255.255.0.0
permit 10.201.0.0 255.255.0.0 10.101.0.0 255.255.0.0
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now