We have a T1 running between the 2 offices with NetScreens handling the VPN. The big bossman wants faster internet and wants to drop Comcast Business in, and I can't imagine that this would be that difficult to do, but I just can't figure it out. I did the CCNA 5 years ago, but I never did anything with it so I don't know what I am reaching for.
I want all VPN traffic to go out over the T1 and everything else over comcast. I know this is possible, but I can't remember the specifics.
Your post seems to describe two offices connected by T1 and running VPN over the T1. It does not describe how you currently have Internet connectivity. Knowing this might help in knowing how to best answer your question.
It seems to me that there are several aspects to consider about what you want to implement. First there is how you will establish the new connection. You have not told us what kind of interfaces are on the 1700 other than that it has a T1 WIC. The Comcast will probably use an Ethernet connection. Do you have an available Ethernet connection on the 1700?
After you get the issues of how to connect to Comcast resolved there will be issues of how you get VPN traffic to go over the T1 and everything else to go over Comcast. It might be as simple as configuring a default route pointed out Comcast and configuring routes for the VPN destinations pointing out the T1. Or you might need to configure Policy Based Routing. PBR allows you to make routing decisions based on characteristics of the packet, so you could use PBR to identify the VPN traffic and send it over the T1.
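The two approaches described in the reply above, sketched as Cisco IOS configuration. This is an added example, not configuration posted by anyone in the thread. It assumes the VPN is IPsec; the interface names and every address are constructed placeholders (RFC 5737 documentation ranges).

```cisco
! Constructed example. Assumed interfaces (not from the thread):
!   FastEthernet0 = LAN side, where the NetScreen's traffic arrives
!   Serial0       = existing T1
!   Ethernet0     = new link to the Comcast modem
! Assumed addresses (placeholders):
!   192.0.2.2     = NetScreen at this office
!   203.0.113.10  = VPN peer (NetScreen) at the other office
!   198.51.100.1  = Comcast next hop
!
! Option 1: destination-based static routes.
! Everything defaults to Comcast; only the remote VPN peer uses the T1.
ip route 0.0.0.0 0.0.0.0 198.51.100.1
ip route 203.0.113.10 255.255.255.255 Serial0
!
! Option 2: policy-based routing.
! Match the VPN traffic itself (IKE, NAT-T, ESP) from the NetScreen
! and force it out the T1, whatever its destination.
ip access-list extended VPN-TRAFFIC
 permit udp host 192.0.2.2 any eq isakmp
 permit udp host 192.0.2.2 any eq non500-isakmp
 permit esp host 192.0.2.2 any
!
route-map VPN-OVER-T1 permit 10
 match ip address VPN-TRAFFIC
 set interface Serial0
!
! Apply the policy where the traffic enters the router.
! Packets that match no route-map entry are routed normally,
! so they follow the default route out Comcast.
interface FastEthernet0
 ip policy route-map VPN-OVER-T1
```

Traffic that leaves via Comcast needs a source address that Comcast routes back, through NAT or Comcast-assigned addressing, which this sketch does not cover. `show route-map` displays match counters that confirm whether VPN packets are hitting the policy.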
I made a quick diagram of the network. In my defense, I inherited this :-)
I will have to check and see what is available on the router, I can't remember at this time. Comcast will supply me with a modem and I know that it is Ethernet.
Well, I was thinking IP routes would work; however, now that I think deeper into it, from looking at NetFlow information everything hits the NetScreen before it goes to the router so it has the NetScreen IP address, but the servers have their own public IPs, which might work, because I don't care if people log into the Terminal Server through the T1.
I will try and get the info you wanted from the router, I'm offsite today. Thanks for your help!