2 Networks over 1 VPN tunnel

Hi Experts,

I have a question regarding the following.
We have a customer with two vlan's but 1 public IP.
is it posible to exempt 2 inside networks over 1 VPN tunnel.
We are using the followin ASA version : 9.4(1) and ASDM : 7.5(1)
I think the exempts are not configured correctly. Can you guys give me an example.

Our inside networks are as follows.

Educational network (City - Hilversum) : 192.168.102.x
Educational network (City - Eindhoven) : 192.168.100.x
Administrative network (City - Hilversum) : 10.100.100.x
Administrative network (City - Eindhoven) : 192.168.20.x

We have one tunnel with these two networks.
But there is not traffic going throught it.

Can anyone give us some advise?

Thanks in advance

Robin Derksen
Screenshot-1.PNG
screenshot-2.PNG
screenshot-3.PNG
screenshot-4.PNG
jav_sevenofnineAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jav_sevenofnineAuthor Commented:
dear experts,

Forgot to say that the VPN ocnnection is up. but there is only one way transfer.
screenshot-5.PNG
0
aleghartCommented:
Make groups for your objects:

VPN01-Local-group (yours)
VPN01-Peer-group (theirs)

Into those, place your network objects (usually subnets, but it could be several individual addresses).

Makes it much easier to make changes later.

Never used the wizard.  There is a config section for site-to-site VPNs.
0
Fred MarshallPrincipalCommented:
I don't know about the specific equipment but it may be easier to set up a VPN for each LAN pair.
Maybe it can be easier than that but this should surely work.
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

aleghartCommented:
You don't need separate VPN tunnels.  You can shive an entire /16 or two or three in the same tunnel.  No practical limit, unless subnet addressing overlaps.

I have a VPN tunnel carrying one /24 on one side, and three /16 + a handful of /24 on the other side.

You need to create groups (100% identical on both sides) and set the routes properly at your core routers to hit the VPN router, and not go to the default route to the internet.
0
jav_sevenofnineAuthor Commented:
We allready found the solution.
We indeed used the VPN wizard and a cryptomap entry was still present.
Which causing the issue.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jav_sevenofnineAuthor Commented:
i Rather have a quicker respons. we almost evertime solve our own questions.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.