Connectivity between two site to site VPN

I have two remote sites that each connect to our main office using a site to site VPN. Remote offices have 831 routers. The main office has a PIX 515.

A remote office is 192.168.15.X and the other is 192.168.100.X. The main office is on a 10.X.X.X network.

Each remote office can contact the office with no problems. However, they cannot communicate with each other at all and I need this to work. I just want to be able to access the network 192.168.100.X network 192.168.15.X through the VPN tunnel that is already set up between each remote desktop.

I tried to add the other network to the ACL for the tunnel, but that did not work. I feel I'm missing something simple.

For example, the following ACL initially.

Note access-list 103 IPSec rule

access-list 103 allow ip 192.168.15.0 0.0.0.255 10.0.0.0 0.255.255.255

I added this line to this LIST.

access-list 103 allow ip 192.168.15.0 0.0.0.255 192.168.100.0 0.0.0.255

But that did not help.

Thanks in advance.

Hello

What code are you running on the Pix. Talk to talk IPSEC connectivity is supported only in version 7.0 and higher.

Enhanced support has spoke-to-Spoke VPN

Version 7.0 (1) improving support communications a spoke-to-spoke (customer-to-customer) VPN, providing the ability to traffic to enter and exit the same interface. In addition, remote access to splitting tunnel connections can be completed on the external interface of the security apparatus, enabling traffic destined to the Internet for remote user VPN tunnels to leave on the same interface as it happened (after that the firewall rules have been applied).

The same-security-traffic command permits traffic to enter and exit the same interface when it is used with the keyword a spoke-to-spoke VPN using intra-interface. For more information, see the section "Allows Intra-Interface traffic" in the in the command line Configuration Guide Cisco Security Appliance.

http://www.Cisco.com/univercd/CC/TD/doc/product/iaabu/PIX/pix_sw/v_70/70_rn/pix_70rn.htm#wp162358

Example of Configuration:

http://www.Cisco.com/en/us/partner/products/HW/vpndevc/ps2030/products_configuration_example09186a00804675ac.shtml

Let me know if it helps.

Kind regards

Arul

* Please note all useful messages *.

Tags: Cisco Security

Similar Questions

  • Problem set up RV connection between two sites

    Dear all,

    I'm putting a replication for some virtual machines from the production site to a recovery site. The two sites are on ESXi with vCenter 5.5 5.5 with their own AD domains. The connection between them is done with customer VPN Cisco of DR site in Production site.

    I installed SRM 5.5.1 on two places and I was able to successfully combine the two sites. The State of them is CONNECTED on both sites. On both environments, I deployed unit of replication vsphere and that they are properly registered on the two vCenters.

    The problem is that when I try to configure the connection of VR, I get the following error:

    VRM Server generic error. Please see the documentation for troubleshooting information. The detailed exception is: '"HmsServiceInstance" thrown an unexpected exception "java.net.UnknownHostException' with message 'siteB.dns.name' when calling method of managed objects' getContent".

    I get this error from two different points.

    I can't do a ping on the two sites using the FULL domain name and I've tried the following article:

    VMware KB: Configuration to connect to the VR in VMware vCenter Site Recovery Manager server reports the error:' managed objectives...

    Could you please help me solve this problem.

    Thank you

    Aleksandar Aleksandrov

    Hello

    In fact the two devices needs a connection between them as they periodically exchange messages for the two sites must be able to connect to vCenter Server port 80.

    Thank you

    Dzhem

  • Replication between two sites with essential Kit more

    Hi all

    can anyone confirm that the following scenario is possible?

    A basic Kit Plus - replication - another essential Kit Plus
    3 Hosts                                                                      Other 3 Hosts

    In other words: is it possible to replicate virtual machines between two sites, each managed by a single essential Kit Plus (outside the bounds of the CV)?

    I'm sure that is correct, but I want to be sure.

    Thank you guys!

    Alex

    Yes, you can use replication between vCenters thus vSphere. To do that you would like to devices VR is deployed to each vCenter and then connect them. How to do this is described in the VR installation and config and administrative documents.

    BTW, my name is GS.

    See you soon!

  • Try to set up a direct parallel connection between two computers in Windows XP Home edition

    I tried to set up a direct parallel connection between two computers in Windows XP. I have the right cable (CAT 5 Ethernet connection) and you can set up the connection on my own laptop, but when I go through the installer on another laptop it create new connection-establishment of advanced connection--> when the next window opens asking me to choose between "accept incoming connections" and "connect directly to another computer" (which I need to select) for the second option is grayed out and not can not be selected.

    The same thing happens when I try to implement the same connection between my laptop and the desktop we have. All of these computers are running on Windows XP service pack 2. I really need help with this because I'm about to start pulling my hair.

    Any help would be very, very, much appreciated.
    Thank you

    Hello

    Check it please this subject http://forums.computers.toshiba-europe.com/forums/thread.jspa?threadID=3423&messageID=11170

    I hope this will help you.

  • Bluetooth connection between two 7290

    Hello

    I want to create a connection between two BlackBerry 7290 with OS 4.1 I found something with BluetoothSerialPort, but if I pair the und devices 2 start the application I get no BluetoothSerialPortInfos with the static method of the BluetoothSerialPort class.

    I tried to create a BluetoothSerialPort without an Info but that does not work. I get an IOException to Scripture.

    public boolean keyChar (key char, int status, int time)

    {

    If (key is Characters.ENTER)

    {

    Try

    {

    _port = new BluetoothSerialPort ("Hi there", BluetoothSerialPort.BAUD_115200, BluetoothSerialPort.DATA_FORMAT_PARITY_NONE |) BluetoothSerialPort.DATA_FORMAT_STOP_BITS_1 | BluetoothSerialPort.DATA_FORMAT_DATA_BITS_8, BluetoothSerialPort.FLOW_CONTROL_NONE, 1024, 1024, this);

    H = 'hi. '

    _port. Write (h.GetBytes ());

    }

    catch (Exception e) {Dialog.alert (try ()) ;}}

    }

    }

    At this point, I get the Exception when writing. Can someone help me please? Martin

    When you pair the Bluetooth devices, they exchange a list of services they support.  This means that you will need to have a server side application up and running which listens to the incoming Bluetooth connections before they are matched.  Otherwise, the other Bluetooth device will not know about your application and will not be able to connect to it.

  • Connect between two different applications. A call to the other application.

    I would like to know if it is possible to connect between two different applications in oracle apex IE appeal one request for the other? If the applications are allowed even say LDAP.

    Yes,

    Refer to the post office, requested by me and answered by fac586

    How to use one login for all applications in one only workspace

  • Connectivity between two nodes of Virtual Box

    For a few days, I try to establish the network connectivity between two nodes OEL (Oracle Enterprise Linux) in Oracle Virtualbox. I tried everything I have found Google, but still nothing works, everytime I try to ping from one node to another node Hostname/IP is showing unknown host. All the advice everyone here will be great for me.

    Published by: 918868 on October 30, 2012 02:30

    When you create a virtual machine, by default VirtualBox allows virtual network card and selects the "Network Address Translation" (NAT) mode for it. In this way the guest can connect to the outside world using the networking of the host and the outside world can connect to services on the feedback that you choose to make visible outside of the virtual machine.

    This default configuration is good probably 95% of users of VirtualBox. VirtualBox is, however, extremely flexible in how it can virtualize networks. It supports multiple virtual NICs per virtual machine, the first four that can be configured in detail in the Manager window. Additional network cards can be configured on the command-line with VBoxManage.

    Source: http://www.virtualbox.org/manual/ch03.html#settings-network

    For more details, please see:

    Virtual networks
    http://www.VirtualBox.org/manual/CH06.html

    Concerning
    Girish Sharma

  • is it possible to establish a direct connection between two computers, one running on windows xp sp2 and other running on windows xp sp3?

    Hello
    I connected two computers, one running on windows xp sp2 and others running on windows xp sp3 via com using RS232 port via link Modem DFM-562E ++.
    I am able to dial numbers from a PC successfully.
    But when I do a direct link between them (one as a host, the other guest) through the com port, I get error 777.
    Is this because the two PC's using different service packs?
    Help, please.
    Thank you & best regards
    Ravi

    It is not the service pack - although you should have installed sp3 now.

    Your message is not clear: have you been able to connect successfully computers using your modem D-Link?  How did you do that?  Will there be a modem in the second computer?

    What cable are you using to establish a direct connection between the com ports on both computers?  If you have purchased this cable online, please provide a link to the site where you bought it.

    Please describe the physical connection between the two computers.  For example, this is how you connect to the Internet by dial-up services:

    computer 1-{(9 broches) RS-232 serial port}-{RS-232 cable supplied with the modem}-{modem}-{phone cord (RJ-11 modular plugs at each end)}-{telephone wall jack}

  • Data connection between two applications

    Hello world

    Is there a way to open a connection of type 'stream' between two applications without using the file system?  Writing on file seems too gross.  Surely someone does this!

    What I found so far:

    Object 'Event' does not seem to do... DOM seems to be communication within an application or suite.

    "Socket" seems to be ruled out by security, but no official word on this issue...

    "Then" explicitly says that only one application can access a serial port at any time...

    Class interface 'Connection' seems to have many children (taking one) but all seem to be dead ends.

    Anyone?

    Thank you

    DD

    I suggest using a global event. You can attach an object to the event and look to the other application.

    See the documentation for the API of ApplicationManager.postGlobalEvent () and the GlobalEventListener interface.

  • How to share internet connection between two computers (win7 & win XP)?

    "I plan to get cable internet connection ADSL broadband." And again, I want to share internet from one computer to another. »

    • But I have a question in mind which is lower.

    Before going to answer my Question Please read two notes point-

    Note:

    A. very important don't ask me what I have installed and what equipment I have in my PC? just give me a simple, easy answer. guess I'm no networking and I have two PCs. You teach me from scratch.

    B. do not use the more technical term. I hate it when someone using the most incredible technical term (its towers the response in the largest number of questions lol). just give me a simple answer.

    If you are eligible to condition or except my EULA :) go further and read my questions give me an answer simple and straight.

    Now please read the question below.

    Issues related to the:

    Q1. Which computer should I connect main internet connection (computer on which will better host win7 or Win XP)?

    Q2. What equipment I mean as a router, hub, NIC etc.? Please specify if these materials will be required for two PCs or for one.

    Q3. What type of Internet connection sharing will be better to be wired or wireless (cost, speed and security wise)?

    Q4. I need two IP address both part of connection to the internet between two PCs?

    Thanks in advance.

    Hi Zeff,

    You can make Windows 7 the main computer for internet connection and then host the Windows XP computer.

    For more information, see the article:

    Start here to set up a home network in Windows 7

    Networking of computers running different versions of Windows

    With respect to the equipment as a router, hub, NIC depend on the connection (wired or wireless) you want to use. You can also check with the ISP (Internet Service Provider) for more information.

    For more information, see the articles:

    What do I need to connect to the Internet?

    Setting up a network home

    Wired and wireless connections have great benefits, but they have also some disadvantages.

    Wired connection:

    > Faster and more robust than wireless connections but not so flexible when positioning of computers and devices because you must be connected to your Super Hub with an Ethernet cable.

    > Safer than wireless connections, but not so convenient for users of laptops and other mobile devices.

    WiFi connection:

    > Wireless! If you can connect when you want. However performance may be affected by walls, electric interference etc.

    > Ideal for users of laptops and other mobile devices, you can connect devices more but slower than wired connections

    > Very safe when used with higher level (WPA) encryption. You can connect your smart phone to your network wirelessly for faster browsing.

    However, unauthorized users could try to use your connection (which explains why security is so important).

    There are two types of IP addresses. external and internal. Both computers have the same external IP address but separate internal IP addresses. Each device in your network will have its own (internal) IP address. The external IP address, who sees the Internet is actually assigned to your router.

    Hope the helps of information. Let us know if you need help with Windows related issues. We will be happy to help you.

  • How to stop the connectivity between two computers that use the same IP address... ?

    Today, I managed to connect two computers with the same IP address. But now it is to be feared. for example, a person can access my computers using my IP and MAC address. So now, how can I stop the connectivity between these two computers. should what setting I use to stop.

    Tahnks.

    Hello

    1 have. what measures you taken to connect 2 computers with the same IP address?

    2. How are the 2 computers connected?

    3. how exactly you want to stop the connectivity between 2 computers?

    I want to tell you that 2 computers on the same network cannot have the same address. Each machine must have a unique address to identify it. A private network, as a home network connected to the internet, can be connected to a router to connect to the network, will have only 1 address, public IP address.

    In addition, if we know the IP address of a computer along the user ID and password, we can access the computer/shared files.

     
    If you are referring to the change of the IP address of the two computers, you can follow these steps and check.
     
    a. network connections open. Click the Start button, and then click Control Panel. In the search box, type 'adapter' and then, under center network and sharing, click view network connections.
    b. right click on the connection you want to change. Click on properties. If you are prompted for an administrator password or a confirmation, type the password or provide confirmation.
    c. click on the network tab. Under this connection uses the following items, click Internet Protocol Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6), and then click the properties button. To specify your IP for IPv4, click on use the following IP address, and then, at the address IP, subnet mask, and gateway boxes by default, type IP address settings.
     
    A typical IPv4 address looks like 192.168.0.2; a typical subnet mask is 255.255.255.0. The default gateway is usually the address of your router.
    For example, IP address: 192.168.0.2 by 192.168.0.12 (for computers)
    Subnet mask: 255.255.255.0
    DNS: 192.168.0.1
     
    I hope this helps. If you have any other queries/issues related to Windows, write us and we will be happy to help you further.

  • Connectivity between two piles of Dell 2048

    Hi guys, I'm very new to the configuration of the switches. We have a small office and just implement a new data room. We have 4 switches of POE Dell 2048 x stacked for VOIP and PCs phones and 2 x Dell 2048 switches stacked to our servers. I have 4 x 10 gb twinax cables to connect the two heaps as in the pic below:

    What is the best way to implement these four connections? I tried to do a SHIFT of four ports in each stack, and it seemed to fall some ping until I disabled STP for the LAG group. I'm a little worried about turning off STP however. These are the only switches that are on the network. Any ideas on what the best config for this would be appreciated. Sorry, as I said I am quite new to this.

    Thanks, Dave

    Hi guys,.

    Just to wrap this I configured LACP on the mentioned LAG today and now, she purrs like a kitten.

    See you soon,.

    Dave

  • A direct network connection between two computers of W7 SP1 64-bit to copy files without network?

    Hello.

    Is - this transfer copy machines a lot of large files between two updates 64-bit SP1 W7 (Enterprise and Home Premium) with a regular network cable without a network?

    Thank you in advance. :)

    If it doesn't, you may need an adapter inverter. Like this

  • back-to-back connection between two virtual machines on different ESXi servers

    Assume that a name of Virtual Machine VM1 is on ESXi Server 1 and Virtual Machine name is VM2 exist on ESXi Server 2.

    We can configure two Virtual Machines back to back as connect us two physical machine back to back via cross cable. is this possible?

    Sorry for typo's fault, should be separated vswitch, with dedicated physical network card adapter

  • Communication between two Sites

    Hello

    I need help on this particular question.

    I have a client that wants to connect two rooms by a conference of Cisco, he already has tv monitors so he does not want to invest on the screens of Cisco, but he needs the codec with the camera for video meeting with the other site.

    He already has the CUCM, my question is:

    (1) do I need a license to add codecs to the CUCM?

    (2) is licensed for each necessary codec?

    Thanks in advance,

    Hi Andres,

    (1) Yes, you need to license telepresence room to add the codec.

    (2) each Codec would require licensed telepresence room.

    For example: in your case if you go with the SX10, you will need two license like you it will be deployed in the two rooms.

    Please note so useful.

    Kind regards

    Adarsh Chauhan

Maybe you are looking for

  • Links in the menu

    Just moved over IE.On 10.0.2 on W7 A feature I found useful in IE, was that I could activate a "favotites bar" which mean the most frequently used links were "nail" at the top of the browser.Can't seem to get that in Firefox 10 I can activate "Most v

  • all in one on windows 8.1

    So, I just bought a new laptop with Windows 8.1.  The original while a cd does not support win 8.1 and ends.  I downloaded the software and the driver install for my j4680 wireless.  It unpacks and starts to run.  But nothing happens.  I look in the

  • Also suddenly see Message 'not genuine Windows.

    As requested I started a new thread since I have the same problem, I hope I did this right. I read the previous posts and also tried using "Change product key", but it does not work. The sticker on the bottom of my +/-5 years mobile said Windows Vist

  • Help - DR4000 and Symantec Backup Exec 2012

    We strive to set up a DR4000 with Symantec Backup Exec 2012 VRay Edition. DR4000 firmware is 1.0.1.1 I created a new container and all NFS and CIFS permissions without restrictions. (Free access) When I go to add a new drive according to the storage

  • How can I cancel the plan student and teacher of Photoshop for a year (paid monthly) when there is no Cancel button, shown under my account?

    The production plan shows that my plan has expired. He onlys gives me the possibility to reactivate my plan, but not giving the opportunity to abandon this plan. My payment method has changed, and it's a Chinese credit card. Please direct me to the G