Site-to-site VPN with internet access

Unanswered Question
Dec 10th, 2007

Hi,

I'm configuring a VPN tunnel between 2 sites over an ADSL line. Could anyone tell me how this would change both sites' internet access ability?

Since the VPN uses the internet link to become a point-to-point link between the two sites, how will the users reach the internet? Will this VPN tunnel stop internet access, or am I just overcomplicating things?

acomiskey Mon, 12/10/2007 - 06:33

The configuration of the tunnel will determine which traffic is encrypted across it. The traffic which is not defined will be free to go to the internet unencrypted.

karien.verster Tue, 12/11/2007 - 03:44

OK, but what if the whole network needed to traverse the tunnel and still be able to access the internet?

Or are you just saying I have to make really intricate ACLs?

acomiskey Tue, 12/11/2007 - 06:03

Just define the traffic you want to traverse the tunnel; all other traffic will go out to the internet. Let's say the network that needs to traverse the tunnel is 192.168.1.0 and the remote network being tunneled to is 192.168.2.0. Then the ACL defining interesting traffic would simply be:

access-list crypto extended permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
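
To see which flows the ACL above sends through the tunnel and which leave unencrypted, here is an added example (not part of the original thread) that parses crypto ACL lines of that form and classifies source/destination pairs. The function names and the sample flows are constructed for illustration, and only `ip` entries with `any`, `host`, or network/mask endpoints are handled.

```python
import ipaddress

def parse_endpoint(tokens):
    """Consume one address spec: 'any', 'host A.B.C.D', or 'NET MASK'."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    return ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}"), tokens[2:]

def parse_crypto_acl(line):
    """Parse 'access-list NAME extended permit|deny ip SRC DST'."""
    t = line.split()
    if (len(t) < 7 or t[0] != "access-list" or t[2] != "extended"
            or t[3] not in ("permit", "deny") or t[4] != "ip"):
        raise ValueError(f"unsupported ACL line: {line!r}")
    src, rest = parse_endpoint(t[5:])
    dst, rest = parse_endpoint(rest)
    if rest:
        raise ValueError(f"trailing tokens in ACL line: {line!r}")
    return t[3], src, dst

def classify(acl_lines, src_ip, dst_ip):
    """First match wins. 'permit' means the flow is interesting traffic and
    is encrypted into the tunnel; 'deny' or no match means it is not
    protected and follows normal routing (out to the internet)."""
    s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for line in acl_lines:
        action, src, dst = parse_crypto_acl(line)
        if s in src and d in dst:
            return "tunnel" if action == "permit" else "clear"
    return "clear"

# ACL line as posted in the thread.
ACL = ["access-list crypto extended permit ip "
       "192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0"]

# Constructed sample flows (203.0.113.5 is a documentation address).
FLOWS = [
    ("192.168.1.10", "192.168.2.20"),  # site A host -> site B host
    ("192.168.1.10", "203.0.113.5"),   # site A host -> internet
    ("192.168.3.5", "192.168.2.20"),   # local subnet missing from the ACL
]

if __name__ == "__main__":
    for src, dst in FLOWS:
        print(f"{src} -> {dst}: {classify(ACL, src, dst)}")
```

The third flow shows the case worth auditing: a local subnet that is not listed in the crypto ACL is not encrypted, even when its destination is the remote site.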
