Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

VPN 3030 in One-armed config


Need to setup a one-armed VPN concentrator, facing the internal LAN.

I've configure all the necessary (disable the Public if) but still not working.

Anyone can help on this??


Community Member

Re: VPN 3030 in One-armed config

How did you set it up? I'm looking to do the same thing. I think, though, that you would have all traffic coming through the Public IP and have the private interface disabled. The public IP would be on the same subnet as your internal network and is (obviously) behind the firewall. Then, any traffic that is routed to the concentrator's public interface does an immediate turnaround and is routed to the internal network. That's what you're trying to accomplish, right? Here's a post I found that mentions what you're trying to do.

The only device we really have that will do what you are needing

> > > done

> easily

> > > is the VPN concentrator. The VPN concentrator can be set up so

> > > that you

> can

> > > have a tunnel default gateway so that when the traffic hits the

> > > device through the VPN tunnel and it's not destined for anything

> > > that the concentrator considers to be local traffic, it

> > > automatically sends it to

> the

> > > address you set up as the "tunnel default gateway" which is

> > > normally the inside of the firewall, then with proper nat'ing the

> > > vpn/pptp/ipsec

> tunnels

> > > ip address that user would be able to have internet access.

CreatePlease to create content