Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
680
Views
0
Helpful
1
Replies

Internet access via hub from spoke networks

wilkiek
Level 1
Level 1

‎03-08-2005 12:42 PM - edited ‎02-21-2020 12:00 AM

I have a number of spoke sites connecting to a central hub site. All sites are using ISRs (2801s no PIXs). I want all internet access to be via the central hub site (no split tunneling). I know that this would have been a problem with a pix at the hub, but surely a router can do this? (internet access via the same interface that the tunnels terminate on)

Thanks

0 Helpful
1 Reply 1

Richard Burts
Hall of Fame
Hall of Fame

‎03-08-2005 01:43 PM

If the VPN tunnels are terminated on a router at the central hub, then it certainly is possible to prevent split tunneling and have internet access for the remote sites be via the central hub. I have done this at a customer site and it works quite well.

In our implementation one of the key things is to be sure that each remote site has a default route that points through the tunnel to the hub.

In our implementation the hub router has a default route that points through the inside interface rather than the outside interface. We do this because we want any traffic from the remote going to the Internet to go through the Enterprise firewalls. But if you want to have the default route point back through the outside interface it should work just fine.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card