Tunneling all traffic including Internet access

Unanswered Question
Jun 10th, 2009
User Badges:

Hi all.

We have several remote sites, connecting to headcuarters over IPSEC vpn to a Concentrator 3560.

The concentrator have a public ip, and the internal interface is on a DMZ firewall.

We need to tunneling all remote sites traffic including internet traffic, to reach internet over the headcuarter firewall.

I try to configure on remote sites routers and access-list "any" to create the tunnel, but the VPN fails on concentrator ....

I attach a schema

¿any idea?

Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Farrukh Haroon Thu, 06/11/2009 - 02:23
User Badges:
  • Red, 2250 points or more

You have to change the Access-list on both sides, did you change it on the concentrator (HQ) as well?



vgaraboa Thu, 06/11/2009 - 02:56
User Badges:

Thanks Farrukk.

Yes, y change the access-list, but I usa a "any ," on concentrator de vpn tunnels don't up.


Farrukh Haroon Thu, 06/11/2009 - 06:54
User Badges:
  • Red, 2250 points or more

Cam you post your config? and more details about the setup

If possible enable debugging on the VPNC and see whats going wrong.




This Discussion