Internet Access / Tunneling Access - Serperate via one router.

Unanswered Question
Mar 26th, 2008
User Badges:

I want to setup a high speed connection at a training site. I'm thinking of putting a router behind the ISP connection, along with a layer three switch. I want to setup multiple VLANS, one for each room.

Is it possible to have two completely separate VLANs, one connected to an IPSec tunnel and the other just access the internet only?

If so, please advise me as to how best to do it. Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dongdongliu Wed, 03/26/2008 - 23:48
User Badges:


you mean two vlan?

which is IPSec vpn end, router or L3 sw?



steveo123 Thu, 03/27/2008 - 02:34
User Badges:

you say that you want to setup a high speed connection at a training site... is the internet access already not present..? yes, you can run multiple vlans, one via IPsec and other for internet access, however what type of ISP CE device do you have?? and what type of connectivity and service is the ISP offering you ..? if you have an ISP router that supports VPN feature over ipsec to a remote WAN then thats fine. I know i am asking more questions then giving anwsers but your question is very broad...

dphills18 Thu, 03/27/2008 - 07:26
User Badges:

I haven't completely decided my ISP, but I am leaning toward Comcast Cable. I was thinking of a T1, but i don't think it warrants it at this time. I know cable has some pretty decent throughput. I will most likely bridge the connection to a Cisco router.

The training facility is a public building, and they are letting us bring in our own network. We talked about the possibility of allowing them to use the connection for internet access as well.

So I want to have it to where if my company is in one room (which I will have on it's on VLAN), and another company is in another room (on a separate VLAN), they can use the internet connection, without interfering with my company's network (but have my company's VLAN engaged in an IPSEC tunnel).

Basically, I do not want company B on the IPSEC tunnel and traversing via our network to get to the internet.

I'm wondering if the Cisco router can separate the two out. Hopefully i was a bit clearer.


This Discussion