Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Site to Site VPN using IOS and 3030 Concentrator

This is the first time I've set a VPN site to site using these devices. I've got it working and I can pass traffic between the two locations but I can't get to the Internet from the remote site. I'm assuming I need to modify my access-list. I don't want to do split tunneling and I want all traffic to traverse the corporate site. What is the best way to force all traffic from the remote site to go through the tunnel?

Cisco Employee

Re: Site to Site VPN using IOS and 3030 Concentrator

Assuming you have the Router at the remote site.

The crypto ACL on Router would say :

access-list 101 permit ip any

This way all the traffic would be tunneled to the concentrator.

Now, you need to check if you have a TDG (Tunnel DEfaul Gateway) configured on the 3030. Also, check what device is configured as TDG ?

Once you confirm that, I'll let oyu knw the way to configure the Internet access.

Now, assuming, there's no TDG configured, then on 3030 you have to create an Interface PAT rule for the remote LAN.

Add the remote network there, and it shpold work fine.

Hope this helps.


CreatePlease to create content