Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ip sec tunnel routing

how would I apply certain routes to go through my ipsec tunnel on my router ?

  • Other Network Infrastructure Subjects
8 REPLIES

Re: ip sec tunnel routing

you can use it by pointing the static route to the tunnel interface as well as you can do it by publishing the tunnel network in your routing table...

regards

Devang

rate this post if it helps

New Member

Re: ip sec tunnel routing

i was told you have to use an access list to allow interesting traffic to bring up the tunnel ?

Re: ip sec tunnel routing

hi carl...

its all depends on your connectivity... when you use normal connectivity and configuration you not need to define intresting traffice... you are using accesslist to allow intresting traffic when you have ISDN connectivity....

regards

Devang

please rate the post if it helps

Re: ip sec tunnel routing

Hi Carl

Instead of encrypting all the traffic going via an interface where the crypto map is applied and as a prequistie you need to mention the interesting traffic using the ACLs (mostly the local lan subnets of your locations between which you are creating the ipsec tunnel).

regds

New Member

Re: ip sec tunnel routing

so I gather I have to point a route to the interface, and also an access list on the interface to encrypt the traffic, am i right ?

Re: ip sec tunnel routing

Hi

You simply need a default route via your wan interface and define interesting traffic to be encrypted using ACL so that the particular interesting traffic gets encryption strength.

regds

New Member

Re: ip sec tunnel routing

do we point this to the wan interface, am I right in saying the ipsec is just applied to the wan interface ?

Re: ip sec tunnel routing

Hi Carl

Yes you are right , you need to point the same through which you can reach your peer router.

Almost in all the cases its towards the WAN interface through which we reach the outside world.

regds

126
Views
0
Helpful
8
Replies