06-19-2013 05:51 AM - edited 03-04-2019 08:15 PM
Hey Guys,
I have a central site which I can remote into using Remote VPN (ipsec). From the central site, i also have a permanent VPN to a branch location which i use for backups etc. Both Central and Remote routers are 887sec
Point is, rather than create Remote VPN on the branch site, i need to beable to route or reach the branch network from the remote location wherever that may be.
Hairpinning is thrown around as something i need to do but 1 - i'm not overly familiar with the concept and 2 - i'm not sure it's even allowed or possible on the 887's?
Right now, i have the branch subnets being advertized to the central site via eigrp, i've updated the allowed/denied access list, added the route to the no nat access list, updated/verified the eigrp network commands. All routes are being advertized as expected but just can't forward traffic to the branch from the remote site.
Could anyone shed some light?
I haven't included config as hoping the theory you throw at me will start some other thought processes but if you need it, can put some up
Thanks in advance
Jay
Solved! Go to Solution.
08-09-2013 03:50 PM
Hi Jay,
This should work fine. For traffic from remote to branch, the central site will decrypt it first and the encrypt it.
If you want share your configs, I can take a look.
HTH,
Lei Tian
Sent from Cisco Technical Support iPhone App
08-09-2013 03:50 PM
Hi Jay,
This should work fine. For traffic from remote to branch, the central site will decrypt it first and the encrypt it.
If you want share your configs, I can take a look.
HTH,
Lei Tian
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide