Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1007
Views
0
Helpful
4
Replies

Can you add routes to use ipsec0 interface on SRP521W?

Troy Moldenhauer
Level 1
Level 1

‎06-06-2011 02:52 PM

I bought a couple of these to trial for location to remote telemedicine sites.  However I am only able to route one network range over the IPSec VPN.  I have to route multiple network ranges, and I am not able to make any modifications to the static routes for the ipsec0 interface, only WAN1 and LAN1.  Ideally, I would change the default route to use ipsec0.  But if that isn't an option, then just add specific ranges. 

Can anyone help with this?

Thanks,

Jim

Labels:
0 Helpful
4 Replies 4

Troy Moldenhauer
Level 1
Level 1

‎06-06-2011 02:53 PM

I was looking up GRE tunnels, and wondering if this was a possibility.  I have a 4507 and a 7010 switch behind an ASA 5520 and a 3030 concentrator for options at the main site.

0 Helpful

Andrew Hickman
Cisco Employee
Cisco Employee
In response to Troy Moldenhauer

‎06-07-2011 04:37 AM

Hi Jim,

As you've seen it is only possible to add a single route via an IPSec tunnel. 

If you can use GRE, that might be better, as you can route to multiple subnets with this feature.

Andy

0 Helpful

Troy Moldenhauer
Level 1
Level 1
In response to Andrew Hickman

‎06-07-2011 06:05 AM

That sucks.  I have never used a GRE tunnel before, I tried yesterday building one to my Nexus 7010 with no success.  It seems like it would be so easy if I could just get the option to select the ipsec0 interface when adding static routes.

Can you recommend the next step router or firewall I could use to be able to send all traffic over the VPN, or at least add additional routes or network lists to send over the VPN?  I am assuming the ASA 5505 would work perfectly, but I was hoping for a more budget concious option as we'll have these all over town.

Otherwise, if anyone can give me tips or suggestions on how to build the GRE tunnel from the SRP521W to a Nexus 7010 that would be great.

Thanks,

Jim

0 Helpful

Troy Moldenhauer
Level 1
Level 1
In response to Troy Moldenhauer

‎06-07-2011 06:36 AM

This is the ASA 5505 bundle I was considering:

http://www.cdwg.com/shop/products/Cisco-ASA-5505-10-user-Bundle/1065037.aspx

I assume this bundle will not require me to have a router in the back end and would accomplish routing for my devices behind it along with IP address assignment via dhcp if needed, with VPN tunnel back to my main ASA 5520 and allow all traffic to be transmitted over the VPN, or specific network ranges. 

0 Helpful
Customers Also Viewed These Support Documents