Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Routing setup with concentrator

I've run into a situation that has me wondering why we currently have our routing setup the way it is. That is, we have a cisco concentrator that has site to site tunnels running, that concentrator then leads to a router, which then leads to our frame relay WAN. Here's an example of the way the routing is configured now. Let's say Portland is a network connected via a VPN tunnel, and a user there is trying to get to New York, which is also a VPN tunnel connected to the same concentrator. Even thought the concentrator has the tunnel "directly" connected to it, it relies on the router to route that traffic. So what happens is the concentrator sends that traffic to the router, which sends it right back to the concentrator, which sends it to its destination. That sounds fundamentally wrong to me. I don't have much practical experience with cisco's concentrator, and perhaps this is just how it's supposed to work when using a concentrator in this particular environment? Is there another, or "better" way of accomplishing the routing between site to site tunnels running from the same concentrator?

thank you,

Bill

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Routing setup with concentrator

Hi,

what you are looking for might be "Overriding the Tunnel Default Gateway" found at

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_guide_chapter09186a00803ee11d.html#wp999651

This will allow the concentrator to "hairpin" the traffic from one tunnel to another. The minimum Software requirement is version 4.1

Hope this helps! Please rate all posts.

Regards, Martin

3 REPLIES

Re: Routing setup with concentrator

whatever i understand is you have two tunnel with you two different branch office one is at portland and other is at newyork... right... and its frame-relay connectivity... now when any user from portland send data to new yourk then it goes to concentrator and then it will go to router and router take send that packet back to vpn concentrator and via other tunnel it will reach to destination... so here you are pointing that why packet goes to router and again back to the concentrator and then it will routed to destionation through other tunnel...

and your connectivity i guess it look like this

vpn concentrator---router>---tunnel1---portlend

>---tunnel2---newyork

am i right with this understanding...???

regards

Devang

New Member

Re: Routing setup with concentrator

yes, except I think we can forget about the Frame-relay part. I don't think it's necessary for us to consider it in this scenario. The router has a static route for the VPN tunnel networks pointing to the concentrator, so while the router leads to a frame relay network, the vpn traffic never crosses to the frame.

Here's how I see the map of the concentrator, the tunnel sites, and the router

portland \

Concentrator --- Router

new york /

Re: Routing setup with concentrator

Hi,

what you are looking for might be "Overriding the Tunnel Default Gateway" found at

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_guide_chapter09186a00803ee11d.html#wp999651

This will allow the concentrator to "hairpin" the traffic from one tunnel to another. The minimum Software requirement is version 4.1

Hope this helps! Please rate all posts.

Regards, Martin

95
Views
0
Helpful
3
Replies