Cisco Support Community

IOS IPSec VPN - Forwarding out non-default routed interface

Hi all,

I have a setup with 2 ISPs, and a crypto map applied to the interface of each ISP. The default route points out ISP1. I would like to connect a client VPN to the non-default routed interface. My question is how does the router know which interface to send the packets with private source/destination IPs of the other end? I know there is an IP local pool statement given to the VPN group, but when is that taken into consideration?

I've never seen a route statement created for the IPs in the local pool, so can someone explain the logic of the router?


Re: IOS IPSec VPN - Forwarding out non-default routed interface

For sending the packets to the private source/destination IP, the router will normally use the default gateway. However, certain traffic can be classified and can be made to go through some other routed interface. The IP local pool has no relation to the routing decision made by the router.
