Cisco ASA - VPN and Hairpinning....

Posted by Nordberg on Server Fault See other posts from Server Fault or by Nordberg
Published on 2010-06-09T10:00:48Z Indexed on 2010/06/09 10:02 UTC
Read the original article Hit count: 378

Hi,

We have 2 sites that will be linked by a IPSEC VPN between 2 Cisco ASAs:

Site 1 8Mb ADSL Connection Cisco ASA 505

Site 2 2Mb SDSL Connection Cisco ASA 505

Basically, both sites need access to a service at the end of another IPSEC VPN, Site 3, which I plan to terminate at Site 2. This is due to the way the service is sold - it's billed per gateway. So if both Site 1 and Site 2 had their own VPN connection to Site 3, it would cost us twice as much... Anyway, my idea is to have all traffic from Site 1 destined for Site 3 to go via the VPN between Site 1 and Site 2. The end result being all traffic that hits Site 3 has come via Site 2.

I understand this is known as hairpinning but I'm struggling to find a great deal of information on how this is setup. So, firstly, can anyone confirm that what I'm trying to achieve is possible and, secondly, can anyone point me in the direction of an example of such a configuration?

Many Thanks.

© Server Fault or respective owner

Related posts about vpn

Related posts about cisco