New Member

Policy Based Routing or NAT Routemaps outside-to-inside support

Hi,

Have an IPsec tunnel working for a branch campus without problems for over a year. Clients come back direct to main campus; if the destination is off campus, they go direct out to the Internet without coming back through the IPsec tunnel. Configuration is attached for the remote site, which has just one Internet connection.

I'm trying to allow access to a new web server installed at the remote site from off campus and not having any luck. I found examples on dual Internet connections using PBR setups, but had no luck trying to adapt this to my configuration. I can connect fine to the web server from the local network, but when trying to connect to the web server from off campus I get timeouts.

Can anyone point me in the correct direction, for example using PBR or a NAT route-map, to support the web server at the remote location? Clients come in from the Internet, and the path to the server is through our main connection, but the return path is trying to go back out the cable modem. I need to change the path back through the IPsec tunnel for just this one IP address.

This seemed like a good link but I do not have two Internet connections and could not figure out how to adapt it.

<https://supportforums.cisco.com/docs/DOC-8313>

thanks!

jim

2 REPLIES


Please identify your remote L2L tunnel, remote vpn-users-segment and remote-web server need access for vpn-remote-users.

New Member


Hi,

Not pretty but I got this working.

Created a GRE tunnel and a route-map with "set ip default next-hop" pointing to the new tunnel's remote address.

Web traffic now stays internal.

thanks!
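
A sketch of the branch-router side of the approach described in the reply above, added here as an illustration; it is not the poster's configuration, which the thread does not show. All interface names, ACL and route-map names, and addresses are constructed placeholders, and it assumes the GRE endpoints are inside addresses already carried by the existing IPsec tunnel.

```cisco
! Branch router (constructed example, placeholder names and addresses)
!
! GRE tunnel to the main campus. Source and destination are assumed to be
! inside addresses already covered by the existing IPsec tunnel.
interface Tunnel0
 description GRE to main campus for web server return traffic
 ip address 172.16.255.2 255.255.255.252
 tunnel source 10.20.0.1
 tunnel destination 10.10.0.1
!
! Match only replies from the web server (source port 80/443), so no other
! branch traffic is diverted.
ip access-list extended WEB-RETURN
 permit tcp host 10.20.0.50 eq www any
 permit tcp host 10.20.0.50 eq 443 any
!
! "set ip default next-hop" applies only when the destination has no explicit
! route (the default route does not count). Replies to Internet clients are
! therefore sent to the far end of the GRE tunnel instead of the cable modem,
! while destinations with explicit routes keep their existing path.
route-map WEB-VIA-MAIN permit 10
 match ip address WEB-RETURN
 set ip default next-hop 172.16.255.1
!
! Policy routing acts on packets arriving on the interface, so it is applied
! on the LAN interface facing the web server.
interface Vlan1
 description Branch LAN facing the web server
 ip address 10.20.0.1 255.255.255.0
 ip policy route-map WEB-VIA-MAIN
```

`show route-map WEB-VIA-MAIN` reports policy-routing match counters, which confirms whether the server's replies are hitting the route-map. The main-campus router needs the matching Tunnel0 definition and a route to the web server through it.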
