12-14-2004 05:15 AM - edited 03-02-2019 08:34 PM
I have a hub and spoke WAN utilizing GRE crypto tunnels from the hub to the spoke sites. I'm using a 7204 in the hub and various other routers on the spoke. In the particular scenario we are having problems, we have an 831 as the spoke obtaining a public IP address from the ISP. The caveat or problem were having is the ISP also provides a default route with this dhcp lease. We do not want to support split tunneling. All traffic, even Internet traffic must traverse through our hub router. We haven't been able to get all traffic from the 831 LAN to traverse through the hub router. I would like to know how we can do this without impacting the GRE/Crypto tunnel. I've tried using policy routing on the internal lan interface and directing all traffic across the GRE tunnel, but the traffic is still traversing the public interface.
12-14-2004 05:50 AM
Do you configure a default route on the 831 pointing to the tunnel as the next hop?
Perhaps if you could post the output of show ip route we could get a better understanding of what is happening and what you can do about it.
HTH
Rick
12-14-2004 08:43 AM
This is a challenging one. The route the 831 installs will have the best administrative distance from a routing table stand point.
Can you post the PBR config that you tried to use. I would think this is the only way to avoid the default route received from DHCP.
Daniel
12-15-2004 10:09 AM
Hi hillegas,
You apply your crypto-map in the physical interface or create a gre interface and apply your crypto-map to this virtual interface?
If you have the second approach you may apply and policy to the inside interface. Some thing like this:
interface FastEthernet 0
ip policy route-map set-default
!
route-map set-default permit 10
match interface FastEthernet 0
set default interface tunnel 1
!
Regards,
Kratz
12-16-2004 12:25 PM
I utilized the ip route 0.0.0.0 0.0.0.0 null0 and this took care of getting to the public ip address.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide