I have a situation where a remote access IPsec client has to connect to an ASA firewall to send and receive traffic using a site-to-site tunnel on the same ASA. In the logs I am seeing packets dropped because they are sourced from and destined to the same interface.
Did anyone ever try such a setup? Did it work? I see it as logical and possible.
Cisco – Pass traffic from remote access to site to site tunnel
Best Answer
If you want to permit flows of traffic that come in on an interface and are routed back out the same interface, it's called hairpinning: https://community.cisco.com/t5/security-documents/hairpin-u-turn-traffic-off-an-interface-on-an-asa-running-8-3-or/ta-p/3129668
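
The ASA configuration pieces that hairpinning between a remote-access pool and a site-to-site tunnel involves, added here as an example and not taken from the answer or the linked document. The interface name `outside`, the object, ACL and group-policy names, and all subnets are assumptions chosen for illustration.

```cisco
! Constructed addressing (assumptions, not from the original post):
!   remote-access client pool 10.10.50.0/24, remote site LAN 192.168.20.0/24,
!   both tunnels terminate on the interface named "outside".

! 1. Allow traffic to enter and leave the same interface (the hairpin itself).
!    Without this the ASA drops packets whose ingress and egress interface match.
same-security-traffic permit intra-interface

object network RA-POOL
 subnet 10.10.50.0 255.255.255.0
object network REMOTE-LAN
 subnet 192.168.20.0 255.255.255.0

! 2. Exempt pool-to-remote-LAN traffic from NAT on the outside-to-outside path
!    (8.3+ syntax), so it still matches the crypto ACL after translation.
nat (outside,outside) source static RA-POOL RA-POOL destination static REMOTE-LAN REMOTE-LAN no-proxy-arp route-lookup

! 3. Add the pool to the site-to-site crypto ACL (hypothetical name S2S-CRYPTO).
!    The remote peer needs the mirrored entry, or the SA will not cover the pool.
access-list S2S-CRYPTO extended permit ip object RA-POOL object REMOTE-LAN

! 4. If split tunneling is used, the remote LAN must be in the split-tunnel list
!    so clients send that traffic into the tunnel at all.
access-list RA-SPLIT standard permit 192.168.20.0 255.255.255.0

! 5. Restrict what clients may reach across the hairpin. With the default
!    "sysopt connection permit-vpn", interface ACLs do not filter VPN traffic,
!    so the restriction goes in a vpn-filter. The filter applies to all traffic
!    of the group: add entries for any other destinations the clients need.
access-list RA-FILTER extended permit ip object RA-POOL object REMOTE-LAN
group-policy RA-POLICY attributes
 vpn-filter value RA-FILTER
```

`same-security-traffic permit intra-interface` is global, so it permits hairpinning on every interface; the vpn-filter in step 5 is what keeps the remote-access group scoped to the intended destinations.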