I am looking at the following scenario.
The 2811 has a point-to-point T1 connection to the 7204. Right now all traffic between the 2 networks uses this serial link. Both routers also have an Ethernet WAN link. I am trying to create a VPN between the 2 routers using the WAN interfaces, but only want specific traffic to flow over the VPN. All other traffic will still use the serial connection.
I tried this last night using policy-based routing at the 2811 end. The 2811 default gateway is the 7204 serial interface. I then directed any traffic destined for 172.24.157.225 and 172.24.157.226 out int fa0/1. This would not work; the only way I got traffic to flow over the VPN was if I changed the default gateway to the upstream neighbor on fa0/1. Is what I am trying to do possible?
description Inside Network
ip address 172.24.154.1 255.255.254.0
ip policy route-map vpn_map
ip address 192.168.10.30 255.255.255.252
ip address 98.x.x.2 255.255.255.0
crypto map mymap
ip route 0.0.0.0 0.0.0.0 192.168.10.29
ip local policy route-map vpn_map
access-list 120 permit ip any host 172.24.157.225
access-list 120 permit ip any host 172.24.157.226
route-map vpn_map permit 20
match ip address 120
set ip next-hop 98.x.x.1
There is no route to the peer address 66.x.x.1xx so the router does not know how to get there. That would also explain why when you tried to add a static route with that as the next-hop the router wouldn't add it.
Do you know where the 66.x.x.1xx peer is in relation to the next-hop IP of 98.x.x.1?