Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
529
Views
0
Helpful
3
Replies

Tunneling all traffic including Internet access

vgaraboa
Level 1
Level 1

‎06-10-2009 09:27 AM - edited ‎02-21-2020 03:30 AM

Hi all.

We have several remote sites, connecting to headcuarters over IPSEC vpn to a Concentrator 3560.

The concentrator have a public ip, and the internal interface is on a DMZ firewall.

We need to tunneling all remote sites traffic including internet traffic, to reach internet over the headcuarter firewall.

I try to configure on remote sites routers and access-list "any" to create the tunnel, but the VPN fails on concentrator ....

I attach a schema

¿any idea?

Thanks in advance.

Preview file
77 KB
0 Helpful
3 Replies 3

Farrukh Haroon
VIP Alumni
VIP Alumni

‎06-11-2009 02:23 AM

You have to change the Access-list on both sides, did you change it on the concentrator (HQ) as well?

Regards

Farrukh

0 Helpful

vgaraboa
Level 1
Level 1
In response to Farrukh Haroon

‎06-11-2009 02:56 AM

Thanks Farrukk.

Yes, y change the access-list, but I usa a "any , 0.0.0.0 0.0.0.0" on concentrator de vpn tunnels don't up.

¿?

0 Helpful

Farrukh Haroon
VIP Alumni
VIP Alumni
In response to vgaraboa

‎06-11-2009 06:54 AM

Cam you post your config? and more details about the setup

If possible enable debugging on the VPNC and see whats going wrong.

Regards

Farrukh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card