Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Need help!!

I have a T1 at our main location all is good there. now we are expanding and I ordered a new t1 for new remote location. 1) can I create a VPN tunnel between the two routers?

2) If yes then how will I get to internet? will it still go through my original T1 or do i need to add naother T1 for that to work.

Thanks for any Info :-)

New Member

Re: Need help!!

A T1 is a circuit, it can be between any two points. I assume your existing T1 for your main location is an Internet T1. If the T1 you ordered for your remote office is also an Internet T1, yes you can create a VPN tunnel between your offices. You can choose to tunnel all data back to your main location, or you can do split tunneling where you would only send specific source/destination addresses across the tunnel, and all other data would go unencrypted to the Internet.

Without knowing more about your topology and requirements, I can't really suggest what type of VPN would be best. Here's a typical configuration for a site to site VPN.

New Member

Re: Need help!!


Thank you for the quick response. It is idividuals like you that make all feel a little more confrtable about asking , I know really stupid questions ( I'm a newbie on WAN :-))

To answer your question Yes both are Internet T1's and I would like all traffic from my remote location to come back to the main office where we have a firewall ( ISA :-) I know Microsoft what can I say) and I can at least track users access to Internet.

I just wanted to make sure that I did not lose my ability to access the internet for Web surfing and emails.

New Member

Re: Need help!!

The only tricky part is getting the VPN traffic behind your firewall. I assume your Cisco router at the main site is where the Internet T1 terminates, and you have a ISA firewall connected to the Cisco router, and then your office network behind that firewall.

The easy (and more secure) way to do it would be to get another router and put it on your office network to terminate your VPN tunnels. Then I would configure GRE+IPSec between the vpn routers. Depending on your topology, you may want to run EIGRP or OSPF across the GRE tunnel.

Here's a sample config for GRE+IPSec using OSPF: