Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Multiple ISPs need to route VPN traffic to 2nd ISP

Router is a 1760 with 2 T1 WICs

We have added a 2nd T1 Internet connection to a different ISP. By default, all traffic will go out the 1st connection because it's route has a lower weight.

We would like to have VPN traffic leave the same connection that it is coming in on (the 2nd connection). How can I accomplish this with PBR?

The VPN traffic is being handled by an ASA5510 that is using IPSECoverUDP aand IPSECoverNATT.

  • WAN Routing and Switching
3 REPLIES

Re: Multiple ISPs need to route VPN traffic to 2nd ISP

Do you have multiple public address spaces?

New Member

Re: Multiple ISPs need to route VPN traffic to 2nd ISP

We have an available address space for each ISP. We are currently only using the address space from the "old T1". We have addresses from that space assigned to the ethernet interface on the Internet router, and to the ASA5510 for VPN access and for a few 1-1 NAT connections.

Re: Multiple ISPs need to route VPN traffic to 2nd ISP

PBR with VPN could get messy. I would use the second address pace and have the VPN's use that as the endpoint. That would be a DMZ interface on the ASA5510.

157
Views
0
Helpful
3
Replies