Site-to-site VPN with internet access

Dec 10th, 2007

Hi,

I'm configuring a VPN tunnel between 2 sites over an ADSL line. Could anyone tell me how this would change both sites' internet access ability?

Since the VPN uses the internet link to become a point-to-point link between the two sites, how will the users reach the internet? Will this VPN tunnel stop internet access, or am I just overcomplicating things?

acomiskey Mon, 12/10/2007 - 06:33

The configuration of the tunnel will determine which traffic is encrypted across it. The traffic which is not defined will be free to go to the internet unencrypted.

karien.verster Tue, 12/11/2007 - 03:44

OK, but what if the whole network needed to traverse the tunnel and still be able to access the internet?

Or are you just saying I have to make really intricate ACLs?

acomiskey Tue, 12/11/2007 - 06:03

Just define the traffic you want to traverse the tunnel; all other traffic will go out to the internet. Let's say the network that needs to traverse the tunnel is 192.168.1.0 and the remote network being tunneled to is 192.168.2.0. Then the ACL defining interesting traffic would simply be:


access-list crypto extended permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
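
The split described in the reply above, worked through as an added example (not part of the original thread or any vendor tool): it parses the crypto ACL line, decides per flow whether a packet is encrypted into the tunnel or follows normal routing to the internet, and derives the mirrored ACL the remote peer needs. The function names are hypothetical, only `ip` entries in network/mask form are handled, and 203.0.113.10 is a constructed stand-in for an internet host.

```python
import ipaddress
from typing import NamedTuple

class CryptoEntry(NamedTuple):
    action: str                      # "permit" = encrypt, "deny" = exclude
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network

def parse_crypto_acl(line: str) -> CryptoEntry:
    """Parse 'access-list NAME extended permit|deny ip SRC MASK DST MASK'."""
    tok = line.split()
    if (len(tok) != 9 or tok[0] != "access-list" or tok[2] != "extended"
            or tok[3] not in ("permit", "deny") or tok[4] != "ip"):
        raise ValueError(f"unsupported ACL line: {line!r}")
    # IPv4Network rejects entries whose address has host bits set for the mask.
    src = ipaddress.IPv4Network(f"{tok[5]}/{tok[6]}")
    dst = ipaddress.IPv4Network(f"{tok[7]}/{tok[8]}")
    return CryptoEntry(tok[3], src, dst)

def classify(entries, src: str, dst: str) -> str:
    """Return 'tunnel' if the flow is interesting traffic, else 'clear'."""
    s, d = ipaddress.IPv4Address(src), ipaddress.IPv4Address(dst)
    for e in entries:                # first matching entry wins
        if s in e.src and d in e.dst:
            return "tunnel" if e.action == "permit" else "clear"
    return "clear"                   # unmatched traffic is routed unencrypted

def mirror(entry: CryptoEntry, name: str = "crypto") -> str:
    """Build the remote peer's ACL line: same entry, source and destination swapped."""
    return (f"access-list {name} extended {entry.action} ip "
            f"{entry.dst.network_address} {entry.dst.netmask} "
            f"{entry.src.network_address} {entry.src.netmask}")

# The ACL line quoted in the thread.
ACL = ("access-list crypto extended permit ip "
       "192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0")

if __name__ == "__main__":
    entry = parse_crypto_acl(ACL)
    # Constructed sample flows from a host on the local LAN.
    for dst in ("192.168.2.5", "203.0.113.10"):
        print(f"192.168.1.10 -> {dst}: {classify([entry], '192.168.1.10', dst)}")
    print("remote side:", mirror(entry))
```

If the two ends' ACLs are not exact mirrors, the peers disagree about which traffic is protected, so the mirrored line is worth generating rather than retyping.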

karien.verster Tue, 12/11/2007 - 06:26

Thank you very much. This has helped me a great deal!

Now let me get to it!
