08-14-2007 09:19 AM - edited 03-05-2019 05:53 PM
I have (2) networks; one is a private point-to-point T1 the other is a VPN connection across the public internet. I am trying to get the two sites to communicate through my corporate office where both the t1 and VPN is terminated. On the T1 side i have a 1720 on the remote and a 3745 at corporate. On the VPN side I have a PIX at the remote and a VPN3000 at corporate. The private remote network is 192.168.40.0/24 and the VPN network is 192.168.71.0/24. Corporate is 192.168.10.0/24. How can i route traffice from the VPN site to the private T1 remote and vice/versa?
08-14-2007 10:57 AM
Are you running a routing protocol on either network?
If not, you will have to either add a dynamic routing ptotocol or static route so the netowkrs know how to connect to each other.
08-14-2007 12:02 PM
You'll need to put a NAT 0 statement for non-vpn subnet on the external Interface goign to your VPN site. This should allow traffic though.
We had a similar problem where traffic couldn't get routed between 2 VPNs, comming into a single device. The NAT 0 on the outbound interface fixes that.
-Ross
08-14-2007 12:10 PM
Ross do you have the exact string?
08-15-2007 08:01 AM
ACLs - selecting traffic to and from the remote site.
access-list CAMPUS_nat0_outbound extended permit ip 10.108.10.0 255.255.255.0 10.97.46.0 255.255.255.0
access-list CAMPUS_nat0_outbound extended permit ip 10.97.46.0 255.255.255.0 10.108.10.0 255.255.255.0
nat (CAMPUS) 0 access-list CAMPUS_nat0_outbound
These commands are for the ASA. Not sure of the coresponding command for the router, but i'm sure it is something similar.
'(CAMPUS)' is referring to a physical interface, that is named campus. I'm guessing that you would do this at the router(config-if)#, and leave off the (CAMPUS) part.
-Ross
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: