
which route add?

edgar-quintana
Level 1

Hi,

What would the routing configuration be if the Cisco 2821 has two GigabitEthernet ports configured with the addresses

192.168.156.254 (LAN)

83xxxxxxxxxxxxxx (connected to the LMDS device)

Several IPsec tunnels are configured.

The problem is that I do not want to use the default routing configuration (0.0.0.0 0.0.0.0 83xxxxxx).

I want to have only one static permanent route for each tunnel.

Best regards


Amit Singh
Cisco Employee

Please paste your router configuration and we will suggest accordingly.

-amit singh

Hi,

Here is my configuration.

Best regards and thanks

Hi Edgar

If your remote destinations are reachable via the single gateway IP, then you can have a single route (default route) pointing via the host IP...

But if your VPN peers are not reachable via the gateway, then you need to have a different set of static routes pointing towards the gateway through which they can be reached.

If this doesn't solve your purpose, do post more on the requirement you have in place and also the possible placements of your remote VPN peers.

Regards

Hi,

I need to use static routes, not a default route, because I need to use the default one for another WIC.

Hi Ed

Are you saying that your IPsec peers are via a different link than your normal internet connection?

You do not need routes for the remote network in an IPsec configuration; however, if the peer addresses are reachable via a different interface, then you just need to add individual statics on your router, e.g.

ip route "peer address" 255.255.255.255 "next hop"

HTH

Jon

Ok

Then, summarizing ...

There are 3 IPsec site-to-site tunnels configured.

192.168.157.0

192.168.154.0

192.168.155.0

My LAN is on GigabitEthernet0/0 with address 192.168.156.0

GigabitEthernet0/1 has IP address 83.xxx and routes everything to the LMDS device connected to this gigabit port.

Now there is a static route ip route 0.0.0.0 0.0.0.0 83.175.212.225 permanent and it works fine, but

if I add 192.168.157.0 255.255.255.0 83.175.212.225 permanent.. and more for the rest...

It does not work ...

The PCs have static routes like this...

route add -p 192.168.157.0 mask 255.255.255.0 192.168.156.254 (the router IP address)

Where is the problem?

I do not want to use a default route, only specified ones.

Best regards

Ed

Please bear with me because I think I might be having one of those days :)

You don't need static routes for your remote subnets with IPsec tunnels. Why do you need to add a route for the remote subnet pointing to the same next hop as the default route?

Jon

I will add an ADSL WIC with a default route for internet browsing... and the existing gigabit port for the LMDS tunnels

Ed

If you add an ADSL WIC for internet browsing and the tunnels still go via the gigabit connection, then you need to add static routes for the remote peers, not the remote subnets, pointing out the gigabit interface.

Does this make sense?

Jon

Then..

What will the solution be?

Adding 3 static routes (one for each tunnel)

ip route peer_address 255.255.255.255 83.175.212.225 permanent

???

Ed

Yes, just add routes for the remote peers and leave your default route pointing to the internet gateway.

Jon

Ok,

If I only define static routes for the tunnels, it would work, wouldn't it?

Ed

You will still need your default route for all non tunnel traffic.

Jon

Aha, but suppose that I only want tunnel traffic... is it always necessary to define a default route?
