cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
411
Views
0
Helpful
4
Replies

Site to site VPN routing question

jdamone
Level 1
Level 1

We'd like to set up a VPN to one of our remote sites. Currently this site is part of our corporate MPLS network. There is a static route configured on our corporate router sending core traffic to this site's subnet.

At this remote site we've also set up a DSL connection with a VPN capable Linksys router. Basically we want to peel off this site from our MPLS network and set up a site to site VPN through our internet router which allows core traffic to flow through the tunnel.

Do we need to remove the static route from the corporate router, or will the tunnel allow corporate traffic to flow properly?

4 Replies 4

John Blakley
VIP Alumni
VIP Alumni

If you'll be getting this location off of your MPLS completely, I would think that you would need to get rid of your static route. Do you run any routing protocols?

HTH,

John

HTH, John *** Please rate all useful posts ***

No, we're not running any routing protocols. I think that's all I need to do is get rid of that static route, and set up the vpn. We're already running remote access vpn to our concentrator, and our firewall is open to the correct ports.

I wonder if there are any white papers or documentation on Cisco. I would think this scenario is fairly common.

Rick Morris
Level 6
Level 6

Forgive me for putting it this way, I do not mean to sound rude.

If you remove this site from your MPLS network and the static route sends this traffic out to the site through the MPLS cloud, then if you don't remove the static route then how do you think traffic will get to the new VPN link?

You will need to point your routes to the VPN link and not the MPLS cloud. As mentioned in the last post I would recommend running some routing protocol that way the site will advertise the networks it has and dynamic routing will allow for traffic flow based on the routing table that is populated via the routing protocol, ie EIGRP or OSPF

You don't sound rude at all. The feedback I'm receiving is great. The question I'm throwing out here is kind of a sanity check to what I've already recommended to management.

The site to site VPN is single subnet to single subnet, so we don't plan on running any routing protocols.

Review Cisco Networking for a $25 gift card