02-04-2007 05:03 PM - edited 02-21-2020 01:24 AM
Hi Guys,
I have a site to site connection between two concentrators, but the remote branch is taking its internet connection from the Head office Internet. We want it to go to the internet through its own DSL through the concentrator. the gateway of the users is the concentrator and we need to permit traffic to go without encryption thru the concentrator at the remote branch unless it goes to the internal servers at the Head office...
Regards,
02-09-2007 06:32 AM
The VPN 3000 Concentrator required that the third Aggressive mode packet be encrypted. In versions prior to 3.6.Rel, this was not required. The VPN 3000 Concentrator now accepts the third Aggressive mode packet, either encrypted or unencrypted.
02-18-2007 06:33 AM
Hi,
You have configure Interface NAt rule for that. So that all the traffic meant for Internet would do out being patted to the Conc Public Intf ip address.
To configure a NAT rule :
http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/4_7/config/polmgt.htm#wp1321478
Since, the vpn traffic is automatically exempted from NAt, so it would be effective only for unencrypted traffic.
HTH,
-Kanishka
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide