Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Hub and Spoke VPN

I'm looking to do a hub and spoke VPN for about 5 sites. The hub will most likely be a 3005 concentrator. The spokes will be a mix of 501/506 Pix. Each spoke needs to be able to communicate with each other and the hub site. Each spoke site will be a single subnet. The hub site will be consist of 2 subnets (the 2nd subnet is connected to the hub site via a point to point T-1. No VPN.) This 2nd subnet is what I am not sure about. Will the 3005 concentrator as a hub with 501/506 Pixs as spokes allow for full communication between each spoke, the hub, and the remote subnet located off of the hub site.

Any thoughts or comments would be appreciated.



Re: Hub and Spoke VPN

All you will need is a route in the Concentrator routing to the subnet on the other side of the T-1.

If the remote side of the T-1 comes back through the hub as there as there default gateway (internet access etc..) you should not need any routes on the remote side. If they do not default back towards the Concentrator, your going to need to route your 501/506 subnets back across the T to the Concentrator.

In either case (assuming your Concentrator is not the default gateway on the hub side)

your going to want to route the 501/506 subnets to the Concentrator on the hub's side default router.

Hope that helps...

CreatePlease to create content