Routing two addresses to remote over tunnel and other address go public

Answered Question
Jan 29th, 2009

I have two IP addresses that need to communicate to a remote external IP address over an established LAN-to-LAN VPN tunnel. All other local machines would route to the remote external IP address over public connections. What is the best way to accomplish this? Thanks

Overall Rating: 4.5 (2 ratings)
John Blakley Thu, 01/29/2009 - 14:53

I would say a policy map would be the best way to go in this situation.


route-map TUNNEL permit 5
 match ip address TWO-HOSTS
 set ip next-hop

ip access-list extended TWO-HOSTS
 permit ip host 192.168.1.1 host 172.17.2.2
 permit ip host 192.168.1.2 host 172.17.2.2

! fa4: public address where crypto map is
int fa4
 ip policy route-map TUNNEL


I don't know if this will work, but it could be a good start.


HTH,


John


thomuff Fri, 01/30/2009 - 09:38

Here is a follow-up question:

What happens when 192.168.1.3 tries to connect to 172.17.2.2?


Is it discarded or routed normally?


LAN segment is 192.168.1.0/24


192.168.1.1 is the local router DG and the IP address on int fa4


Firewall is 192.168.1.250

ip route 0.0.0.0 0.0.0.0 192.168.1.250


VPN Concentrator is 192.168.1.100



What would happen to traffic that doesn't match the policy route map? Would it be discarded or routed normally?
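
An added example, not part of the original thread or either poster's configuration: a small Python model of how policy-based routing evaluates the TUNNEL route map and what happens to traffic, such as from 192.168.1.3, that does not match it. The next hop 192.168.1.100 (the VPN concentrator) is an assumption, since the post leaves `set ip next-hop` blank, and the function and table names are hypothetical.

```python
import ipaddress

# Constructed from the thread: ACL TWO-HOSTS and the firewall default route.
TWO_HOSTS = [  # (action, source network, destination network)
    ("permit", "192.168.1.1/32", "172.17.2.2/32"),
    ("permit", "192.168.1.2/32", "172.17.2.2/32"),
]
# Assumption: the next hop left blank in the post is the VPN concentrator.
ROUTE_MAP = [  # (sequence, action, ACL, next hop)
    (5, "permit", TWO_HOSTS, "192.168.1.100"),
]
ROUTING_TABLE = [  # (prefix, next hop); connected routes use None
    ("192.168.1.0/24", None),
    ("0.0.0.0/0", "192.168.1.250"),
]

def acl_permits(acl, src, dst):
    """First matching entry wins; no match is the implicit deny."""
    for action, src_net, dst_net in acl:
        if (ipaddress.ip_address(src) in ipaddress.ip_network(src_net)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(dst_net)):
            return action == "permit"
    return False

def longest_prefix_match(dst):
    """Normal destination-based lookup in ROUTING_TABLE."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in ROUTING_TABLE:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    if best is None:
        return ("drop", None)          # no route at all
    return ("routed", best[1] or dst)  # connected: deliver directly

def forward(src, dst):
    """Return (how, next_hop) for a packet entering the policy-routed interface."""
    for _seq, action, acl, hop in sorted(ROUTE_MAP, key=lambda c: c[0]):
        if acl_permits(acl, src, dst):
            # A deny clause exempts the packet from policy routing.
            return ("policy", hop) if action == "permit" else longest_prefix_match(dst)
    return longest_prefix_match(dst)   # no clause matched: not discarded

if __name__ == "__main__":
    for host in ("192.168.1.1", "192.168.1.2", "192.168.1.3"):
        print(host, "->", forward(host, "172.17.2.2"))
```
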

thomuff Fri, 02/06/2009 - 06:49

John,


Can you reply to this post one more time? Your post resolved my issue and I would like to give you credit.


Thanks

Tom

Correct Answer
John Blakley Fri, 02/06/2009 - 07:45

Tom,


I'm glad to hear it worked, and thank you for the rating. =)


John
