Solved: Cisco 857 and 877 - Force all traffic through VPN tunnel?

mlichtel32 · ‎10-16-2008

I am evaluating the Cisco 857 & 877 routers for a small business HQ to branch office scenario. I want to setup a matched pair of these devices, each a VPN endpoint. I want to forward all traffic from the branch site back to HQ. There would be no split tunneling. Is this possible to do through the Cisco SDM?

Collin Clark · ‎10-17-2008

Here is one of mine. Your remark will be somewhat different, but should have an explanation of VPN in some sort.

access-list 101 remark VPN Interesting Traffic Access List

access-list 101 permit ip 192.168.51.0 0.0.0.255 any

View solution in original post

Collin Clark · ‎10-16-2008

Mark all traffic as interesting, ie 0.0.0.0/0.0.0.0

Hope that helps

mlichtel32 · ‎10-16-2008

Thanks. What does this look like in the running config? Can it also be setup in the SDM WebGUI?

Ease of configuration is key. This is for a small business setup.

Collin Clark · ‎10-16-2008

I don't use SDM, but the VPN ACL should be 0.0.0.0/0.0.0.0 If it's already configured, look for the remote subnet and change it to all zero's. The other side will have to match.

mlichtel32 · ‎10-17-2008

Great, thanks! Any chance you can paste this example from a running config? I don't deal with the IOS CLI enough to understand exactly the line(s) I am looking at.

Collin Clark · ‎10-17-2008

Here is one of mine. Your remark will be somewhat different, but should have an explanation of VPN in some sort.

access-list 101 remark VPN Interesting Traffic Access List

access-list 101 permit ip 192.168.51.0 0.0.0.255 any

mlichtel32 · ‎10-17-2008

Thanks for your help!

mlichtel32 · ‎10-17-2008

Thanks for your help!