Hi, I have a 871 router which has a tunnel back to HQ. I want to force some traffic to go straight out onto the internet rather than through the tunnel
The routes currently are simply as follows: -
ip route 0.0.0.0 0.0.0.0 Tunnel11
ip route 10.128.6.0 255.255.255.0 10.217.106.129
I want to add ip route 126.96.36.199 255.255.255.0 10.217.106.129
When I add the route I cannot get access to the address from the client machines
A ping works fine from the router but if you specify the source IP address as the LAN address 10.213.124.33 then it fails
What am I missing/doing wrong?
I believe that Collin is on the right track. But I think that we may be able to focus the issue a bit more. If I understand the context of the issue correctly from jonathan the existing environment is that all traffic has been tunneled back to HQ. In this situation there is no need to translate any addresses. But now he wants to route some traffic directly to a destination rather than tunnel it to HQ. In that situation address translation is required and I suspect that no address translation is configured. (and if there is no translation then the traffic is routed out with private addresses as the source address - and Collin's question about a route back to you is right on the mark).
So configure address translation for the traffic being directly routed (but not for traffic going through the tunnel). Give it a try and let us know if it fixes your problem.