Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

bgp 7206 multiple isp's need vpn to term on loop0

(isp will not allow ping to directly connected peering ints.)

public ip on all interfaces on 7206, there is no

1918 space on it. ip's are from both isp's, load sharing via bgp.

1918 rem pix wan loop1 hq pix rfc1918


tun start tunnel end +

pub ip pub ip int outside pub ip

some vpns end here

int inside rfc 1918

1. can i terminate some tunnels to loopback1 on the router from remote pix devices, assuming loop has public ip. how would this be done?

2. what would be best way to get traffic from the 7206 at hq to the hq pix given the following constraints:

loopback1 will be in isp2s addy space

eth 2 is in isp2s addy space

vpn is from pix to loop, or related serial, interface, and the vpn encapsulates rfc 1918 space from the remote pix end that needs to get into the hq network, behind the 06. note:currently done via pix to pix vpn in some cases, but trying to lower vpn load on hq pix via terminating some tunnels to the 06. it can handle a dozen or so tunnels.

if the vpn packet is popped open on the 06 then the 06 will need to do something with rfc1918 space, yet it has public ip's on all eth interfaces.

so, a packet is suddenly sitting on the 06 with an rfc1918 addy, and the 06 is a perimeter router with bgp. and all ints have public ip addys. next interface is the outside of the hq pix, which has a public ip on it.

do i suddenly need a static to point all 1918 space to a particular addy??????? i.e. to the outside of the hq pix. would this even work?

thanks in advance.


Re: bgp 7206 multiple isp's need vpn to term on loop0

You can use site to site VPN tunneling through the ISP's since you have both sides PIX. Check out the following link

CreatePlease to create content