Cisco 857 and 877 - Force all traffic through VPN tunnel?

Answered Question
Oct 16th, 2008
User Badges:

I am evaluating the Cisco 857 & 877 routers for a small business HQ to branch office scenario. I want to setup a matched pair of these devices, each a VPN endpoint. I want to forward all traffic from the branch site back to HQ. There would be no split tunneling. Is this possible to do through the Cisco SDM?

Correct Answer by Collin Clark about 8 years 5 months ago

Here is one of mine. Your remark will be somewhat different, but should have an explanation of VPN in some sort.


access-list 101 remark VPN Interesting Traffic Access List

access-list 101 permit ip 192.168.51.0 0.0.0.255 any


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Collin Clark Thu, 10/16/2008 - 13:17
User Badges:
  • Purple, 4500 points or more

Mark all traffic as interesting, ie 0.0.0.0/0.0.0.0


Hope that helps

mlichtel32 Thu, 10/16/2008 - 13:20
User Badges:

Thanks. What does this look like in the running config? Can it also be setup in the SDM WebGUI?


Ease of configuration is key. This is for a small business setup.

Collin Clark Thu, 10/16/2008 - 13:24
User Badges:
  • Purple, 4500 points or more

I don't use SDM, but the VPN ACL should be 0.0.0.0/0.0.0.0 If it's already configured, look for the remote subnet and change it to all zero's. The other side will have to match.

mlichtel32 Fri, 10/17/2008 - 07:41
User Badges:

Great, thanks! Any chance you can paste this example from a running config? I don't deal with the IOS CLI enough to understand exactly the line(s) I am looking at.

Correct Answer
Collin Clark Fri, 10/17/2008 - 07:56
User Badges:
  • Purple, 4500 points or more

Here is one of mine. Your remark will be somewhat different, but should have an explanation of VPN in some sort.


access-list 101 remark VPN Interesting Traffic Access List

access-list 101 permit ip 192.168.51.0 0.0.0.255 any


Actions

This Discussion