ipsec vpn tunnel redirection

Unanswered Question

Hi All,

I have one requirement, if you can help me out.

I have multiple sites connected via site-to-site IPsec VPN tunnels to HQ, terminating on the same interface at HQ.

Requirement is to redirect traffic coming from all the sites to one of the main sites where servers are hosted.

How can I do that?

Please let me know what other information is needed.

Thanks in advance!

rizwanr74 Fri, 05/04/2012 - 12:27

Hi Shekhar,

"Requirement is to redirect traffic coming from all the sites to one of the main sites where servers are hosted."

Please answer this question below.

Redirecting IPSec encrypted IP traffic or plain-text IP traffic coming off the IPSec tunnel from both end points?

rizwanr74 Fri, 05/04/2012 - 12:47

You need to use policy-based static NAT on your ASA or router in order to redirect IPSec traffic.

Basically, your HQ device becomes a transit path for IPSec traffic as a result of policy-based static NAT, and the actual tunnel end point will be the site where the servers are hosted.

I assume that on the servers' remote site you have either an ASA or a router to terminate the tunnel coming through the translated address to the device (i.e. ASA or router) hosted at the server-side remote site.

Hope this answers your question.

Thanks

Rizwan Rafeek

I got a bit of it... as I haven't done policy static NAT before...

Let me explain the situation to you again, to make sure we are on the same page.

I am running a site-to-site IPsec VPN tunnel between HQ and one branch site, say for e.g. Site 1.

I am also running a site-to-site IPsec VPN tunnel between HQ and one branch site (server site), say for e.g. Site 2.

Now the requirement is that traffic coming from Site 1 to the servers should terminate at HQ, and after that HQ should redirect that traffic to Site 2.

Kindly note: I am using a single physical interface on the HQ router for both the VPNs.
