Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
546
Views
0
Helpful
3
Replies

Routing setup with concentrator

Go to solution
WILLIAM STEGMAN
Level 4
Level 4

‎08-03-2006 04:38 AM - edited ‎03-03-2019 01:32 PM

I've run into a situation that has me wondering why we currently have our routing setup the way it is. That is, we have a cisco concentrator that has site to site tunnels running, that concentrator then leads to a router, which then leads to our frame relay WAN. Here's an example of the way the routing is configured now. Let's say Portland is a network connected via a VPN tunnel, and a user there is trying to get to New York, which is also a VPN tunnel connected to the same concentrator. Even thought the concentrator has the tunnel "directly" connected to it, it relies on the router to route that traffic. So what happens is the concentrator sends that traffic to the router, which sends it right back to the concentrator, which sends it to its destination. That sounds fundamentally wrong to me. I don't have much practical experience with cisco's concentrator, and perhaps this is just how it's supposed to work when using a concentrator in this particular environment? Is there another, or "better" way of accomplishing the routing between site to site tunnels running from the same concentrator?

thank you,

Bill

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mheusinger
Level 10
Level 10
In response to WILLIAM STEGMAN

‎08-03-2006 06:55 AM

Hi,

what you are looking for might be "Overriding the Tunnel Default Gateway" found at

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_guide_chapter09186a00803ee11d.html#wp999651

This will allow the concentrator to "hairpin" the traffic from one tunnel to another. The minimum Software requirement is version 4.1

Hope this helps! Please rate all posts.

Regards, Martin

View solution in original post

0 Helpful
3 Replies 3

Go to solution
devang_etcom
Level 7
Level 7

‎08-03-2006 05:05 AM

whatever i understand is you have two tunnel with you two different branch office one is at portland and other is at newyork... right... and its frame-relay connectivity... now when any user from portland send data to new yourk then it goes to concentrator and then it will go to router and router take send that packet back to vpn concentrator and via other tunnel it will reach to destination... so here you are pointing that why packet goes to router and again back to the concentrator and then it will routed to destionation through other tunnel...

and your connectivity i guess it look like this

vpn concentrator---router>---tunnel1---portlend

>---tunnel2---newyork

am i right with this understanding...???

regards

Devang

0 Helpful

Go to solution
WILLIAM STEGMAN
Level 4
Level 4
In response to devang_etcom

‎08-03-2006 06:33 AM

yes, except I think we can forget about the Frame-relay part. I don't think it's necessary for us to consider it in this scenario. The router has a static route for the VPN tunnel networks pointing to the concentrator, so while the router leads to a frame relay network, the vpn traffic never crosses to the frame.

Here's how I see the map of the concentrator, the tunnel sites, and the router

portland \

Concentrator --- Router

new york /

0 Helpful

Go to solution
mheusinger
Level 10
Level 10
In response to WILLIAM STEGMAN

‎08-03-2006 06:55 AM

Hi,

what you are looking for might be "Overriding the Tunnel Default Gateway" found at

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_guide_chapter09186a00803ee11d.html#wp999651

This will allow the concentrator to "hairpin" the traffic from one tunnel to another. The minimum Software requirement is version 4.1

Hope this helps! Please rate all posts.

Regards, Martin

0 Helpful
Customers Also Viewed These Support Documents