Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
542
Views
5
Helpful
4
Replies

Routing traffic to site-to-site VPN

Go to solution
Paul Morgan
Level 1
Level 1

‎12-10-2015 08:09 AM - edited ‎03-12-2019 12:01 AM

Hey folks,

Quick question regarding routing on ASAs;

I have a site to site VPN using a crypto map with an ACL for interesting traffic. But do I need to configure a routing protocol to forward the traffic to the tunnel?

 

thanks,

 

Paul

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
rvarelac
Level 7
Level 7

‎12-10-2015 08:21 AM

Hi Paul, 

Is not necessary to have a routing protocol running in order to route the traffic.

The only requirement is that the destination networks in the interesting traffic are send over the interface where the crypto map is applied. Normally this is accomplish through static routes. 

Hope it helps

-Randy-

View solution in original post

0 Helpful

Go to solution
rvarelac
Level 7
Level 7
In response to Paul Morgan

‎12-10-2015 08:46 AM

Right, that will work as long as you don't have any overlapping route pointing this traffic to the inside interface. 

View solution in original post

0 Helpful
4 Replies 4

Go to solution
rvarelac
Level 7
Level 7

‎12-10-2015 08:21 AM

Hi Paul, 

Is not necessary to have a routing protocol running in order to route the traffic.

The only requirement is that the destination networks in the interesting traffic are send over the interface where the crypto map is applied. Normally this is accomplish through static routes. 

Hope it helps

-Randy-

0 Helpful

Go to solution
Paul Morgan
Level 1
Level 1
In response to rvarelac

‎12-10-2015 08:33 AM

So a default route that sends all the traffic to the outside interface will make sure that any 'interesting' traffic will be encrypted and tunneled ?

0 Helpful

Go to solution
rvarelac
Level 7
Level 7
In response to Paul Morgan

‎12-10-2015 08:46 AM

Right, that will work as long as you don't have any overlapping route pointing this traffic to the inside interface. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card