Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

DSL / VPN on Same Router

Hi,

I have a small site with 30 users with 512Kb DSL connection for internet access.

We would like to have a VPN Tunnel with our HQ, can we have Router termninating VPN Tunnel and DSL connection. Physical two internet connection ( both ethernet connection from different ISP )

All traffic to HQ should pass via VPN Tunnel and all internet traffic should pass via DSL.

Can we terminate both Connection on the Router in a secure way.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: DSL / VPN on Same Router

Hello Amin,

as a starting point look at how to make internet access with NAT coexist with an IPsec VPN connection

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml

Hope to help

Giuseppe

3 REPLIES
Hall of Fame Super Silver

Re: DSL / VPN on Same Router

Hello Amin,

this is possible the most important thing is to use an extended ACL to define what has to be processed NAT where you first deny traffic to the HQ:

access-list 151 deny ip 192.168.3.0 0.0.0.255 192.168.0.0 0.0.255.255

access-list 151 permit ip 192.168.3.0 0.0.0.255 any

the ACL can be invoked by a route-map that can be used in the NAT command.

Similar ACLs will define what has to go encrypted on the VPN tunnel:

access-list 155 permit ip 192.168.3.0 0.0.0.255 192.168.0.0.0 0.0.255.255

You can even use a single physical link for this.

Hope to help

Giuseppe

Community Member

Re: DSL / VPN on Same Router

thanks.

can you ellaborate more on route-map.

Is there a cisco config link with similiar to my scenario

Hall of Fame Super Silver

Re: DSL / VPN on Same Router

Hello Amin,

as a starting point look at how to make internet access with NAT coexist with an IPsec VPN connection

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml

Hope to help

Giuseppe

99
Views
0
Helpful
3
Replies
CreatePlease to create content