Cisco Support Community
New Member

How to route vpn traffic through the tunnel


I have a Cisco 1841 router, also used as DHCP server.

In my inside network I have an Endian firewall just to terminate an ipsec site to site tunnel to remote location.

Local network:

1841 inside/default gateway


Remote network:

I want traffic to the remote network to go through the Endian without having to add static routes on each client, as I have to now.

Is this something the DHCP server handles, giving routes to the client?

Or should the router take care of this?

This is probably basic network knowledge I should know :)

I have a static route on the 1841 but that doesn't seem to do anything.




How to route vpn traffic through the tunnel

IPsec VPNs can be route-based or policy-based.

If you're using route-based, you must use some kind of routing, either static or dynamic routes, to decide what traffic goes to the tunnel.

If you're using policy-based, then your router ACLs will decide what traffic goes to the IPsec tunnel.

Could you please share your configuration?

New Member

How to route vpn traffic through the tunnel

I managed to solve it.

At first it didn't work, so I had the DHCP server send the routes to the clients, and that worked. But that's not ideal since I have clients/servers with static IP addresses.

What I did was to add option 121 and 249 to the DHCP server

ip dhcp pool




   option 121 ip

   option 249 ip

But later I realized that I had an error in my routes, but after I added

ip route 3

ip route 2

to my config it worked for all, also static ip machines. is the Endian firewall that terminates the ipsec tunnels, and 172.17.60 and 192.168.126 are subnets at two remote branches.
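
Added example, not part of the thread: DHCP options 121 and 249 both carry the classless static route format of RFC 3442 (prefix length, significant destination octets, gateway), and this Python sketch encodes and decodes that payload so the routes a DHCP server hands out can be checked. The addresses are missing from the thread, so the /24 prefix length on the two branch subnets is an assumption and the gateway `192.0.2.1` is a placeholder standing in for the Endian firewall's address.

```python
import ipaddress

def encode_routes(routes):
    """Build the RFC 3442 payload from (destination CIDR, gateway) pairs."""
    out = bytearray()
    for cidr, gateway in routes:
        net = ipaddress.IPv4Network(cidr)        # raises if host bits are set
        significant = (net.prefixlen + 7) // 8   # only octets covered by the mask are sent
        out.append(net.prefixlen)
        out += net.network_address.packed[:significant]
        out += ipaddress.IPv4Address(gateway).packed
    return bytes(out)

def decode_routes(payload):
    """Parse an option 121/249 payload back into (network, gateway) strings."""
    payload = bytes(payload)
    routes, i = [], 0
    while i < len(payload):
        prefixlen = payload[i]
        if prefixlen > 32:
            raise ValueError(f"bad prefix length {prefixlen} at offset {i}")
        significant = (prefixlen + 7) // 8
        end = i + 1 + significant + 4
        if end > len(payload):
            raise ValueError(f"truncated route at offset {i}")
        # Pad the destination back to four octets; host bits set raise ValueError.
        dest = payload[i + 1:i + 1 + significant] + bytes(4 - significant)
        net = ipaddress.IPv4Network((dest, prefixlen))
        gateway = ipaddress.IPv4Address(payload[end - 4:end])
        routes.append((str(net), str(gateway)))
        i = end
    return routes

def as_dotted_quads(payload):
    """View the payload as 4-byte groups, the shape an IP-typed option value has."""
    if len(payload) % 4:
        raise ValueError("payload does not split into 4-byte groups")
    return [str(ipaddress.IPv4Address(payload[i:i + 4]))
            for i in range(0, len(payload), 4)]

GATEWAY = "192.0.2.1"  # placeholder, the Endian address is not shown in the thread
ROUTES = [("172.17.60.0/24", GATEWAY), ("192.168.126.0/24", GATEWAY)]  # /24 assumed

if __name__ == "__main__":
    payload = encode_routes(ROUTES)
    print(payload.hex())
    print(as_dotted_quads(payload))
    print(decode_routes(payload))
```

For /24 destinations each route is exactly eight bytes, so the payload also reads as pairs of dotted quads in which the first octet of the destination group is the prefix length.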