vpn between multiple remote sites and internet access

jharms_comunet
Level 1

gday,

i have a situation where remote sites are linked to a main office via a vpn. the vpn works as it should. however, the same adsl link used for the vpn is also one of the internet access links.

in order to access the net, i have to nat. when i nat it naturally breaks the vpns. Is there any way of maintaining my vpn and using the same adsl link for internet access?

config is below.

cheers to anyone who responds.

jonathan

adl-vpn-router#sh run
Building configuration...

Current configuration : 3037 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service sequence-numbers
!
hostname adl-vpn-router
!
logging buffered 51200 debugging
enable secret xxxx
!
username * privilege 15 password 7 *
no aaa new-model
ip subnet-zero
ip dhcp excluded-address 10.10.10.1
!
!
ip audit notify log
ip audit po max-events 100
ip audit smtp spam 50
no ftp-server write-enable
!
!
!
!
crypto isakmp policy 10
 hash md5
 authentication pre-share
crypto isakmp key 0 comunet address xxx.xxx.xxx.xxx
!
!
crypto ipsec transform-set myset esp-des esp-md5-hmac
!
crypto map mymap 10 ipsec-isakmp
 set peer xxx.xxx.xxx.xxx
 set transform-set myset
 match address 199
!
!
!
!
interface Null0
 no ip unreachables
!
interface Ethernet0
 ip address 192.168.1.40 255.255.255.0
 no ip unreachables
 no ip route-cache
 no cdp enable
 hold-queue 100 out
!
interface ATM0
 no ip address
 no ip unreachables
 no ip route-cache
 no atm ilmi-keepalive
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
 hold-queue 224 in
!
interface FastEthernet1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet2
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet3
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet4
 no ip address
 duplex auto
 speed auto
!
interface Dialer0
 ip address xxx.xxx.xxx.xxx 255.255.255.0
 no ip unreachables
 encapsulation ppp
 no ip route-cache
 dialer pool 1
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname x@direct.telstra.net
 ppp chap password 7 x
 crypto map mymap
!
interface Dialer1
 no ip address
 no cdp enable
!
ip nat inside source list 198 interface Dialer0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.99.0 255.255.255.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
!
logging trap debugging
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 23 permit 192.168.99.0
access-list 23 permit xxx.xxx.xxx.xxx
access-list 23 permit xxx.xxx.xxx.xxx
access-list 23 permit 192.168.1.0 0.0.0.255
access-list 23 permit 192.168.99.0 0.0.0.255
access-list 198 permit ip 192.168.1.0 0.0.0.255 any
access-list 199 permit ip 192.168.99.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 199 permit ip 192.168.1.0 0.0.0.255 192.168.99.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
line con 0
 exec-timeout 120 0
 login local
 no modem enable
 transport output telnet
 stopbits 1
line aux 0
 login local
 transport output telnet
 stopbits 1
line vty 0 4
 access-class 23 in
 exec-timeout 120 0
 privilege level 15
 login local
 length 0
 transport input telnet ssh
!
scheduler max-task-time 5000
scheduler interval 500
!
end

adl-vpn-router#

1 Reply 1

pradeepde
Level 5

Try configuring split tunneling
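
Why NAT breaks the tunnel in the configuration posted in the question, as an added example that is not part of the thread: on the way out, IOS translates a packet before it evaluates the crypto map, so any flow the NAT list (198) permits leaves with the Dialer0 address as its source and no longer matches the crypto list (199). The check below flags crypto-ACL flows that the NAT ACL would translate; the function names and the `deny` line in `EXEMPT` are assumptions made for illustration, and only contiguous wildcard masks and `any` are handled.

```python
import ipaddress

ANY = ipaddress.ip_network("0.0.0.0/0")

def parse_acl(config, number):
    """Return ordered (action, src_net, dst_net) entries of one extended 'ip' ACL."""
    entries = []
    for line in config.splitlines():
        tok = line.split()
        if tok[:2] != ["access-list", str(number)] or len(tok) < 5 or tok[3] != "ip":
            continue
        action, rest, nets = tok[2], tok[4:], []
        while rest and len(nets) < 2:
            if rest[0] == "any":
                nets.append(ANY)
                rest = rest[1:]
            else:
                # ipaddress accepts "addr/wildcard" (hostmask) notation directly
                nets.append(ipaddress.ip_network(f"{rest[0]}/{rest[1]}"))
                rest = rest[2:]
        entries.append((action, nets[0], nets[1]))
    return entries

def first_match(acl, src, dst):
    """IOS ACLs are first-match with an implicit deny at the end."""
    for action, a_src, a_dst in acl:
        if src.subnet_of(a_src) and dst.subnet_of(a_dst):
            return action
    return "deny"

def natted_vpn_flows(config, nat_acl, crypto_acl):
    """Flows the crypto ACL wants encrypted but the NAT ACL translates first."""
    nat = parse_acl(config, nat_acl)
    return [(str(src), str(dst))
            for action, src, dst in parse_acl(config, crypto_acl)
            if action == "permit" and first_match(nat, src, dst) == "permit"]

# ACL lines copied from the posted configuration
POSTED = """
access-list 198 permit ip 192.168.1.0 0.0.0.255 any
access-list 199 permit ip 192.168.99.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 199 permit ip 192.168.1.0 0.0.0.255 192.168.99.0 0.0.0.255
"""
# Constructed variant (assumption): exempt site-to-site traffic from NAT first
EXEMPT = ("access-list 198 deny ip 192.168.1.0 0.0.0.255 192.168.99.0 0.0.0.255"
          + POSTED)

if __name__ == "__main__":
    print("posted:", natted_vpn_flows(POSTED, 198, 199))
    print("exempt:", natted_vpn_flows(EXEMPT, 198, 199))
```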
