Site-to-Site VPN - ISR Routers

Unanswered Question
Jun 3rd, 2009
User Badges:


We have three sites A, B and C and I would like to configure site-to-site VPN for the traffic going from A to C via B with 2800 routers in each site.

Is it better/possible to define one tunnel from A to C via B or should two tunnels be defined i.e. A to B and B to C.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Wed, 06/03/2009 - 12:30
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Is there any reason you can't go straight from A -> C ?

Regardless, if you only need to have a VPN between A & C then just create 1 VPN tunnel. There is no point in having router at site B having to decrypt packets from A then encrypt to C when all it needs to do is route packets from A -> C.


cisco24x7 Wed, 06/03/2009 - 16:05
User Badges:
  • Silver, 250 points or more

Isn't that what DMVPN for? If you make B the hub with A & C the spoke, then A can communicate with C through B


This Discussion