Is it possible to setup a router (2911) so that I can access it from DSL connection as well as the MPLS. Without including a config I'll explain the setup. We have a MPLS network that is sending the 0.0.0.0 route to the router and all users route back to our data center for internet access. However as a backup we installed DSL at the sites. However during normal operations I would like to be able to SSH into the router from the SSH wan port. I know I can configure static routers to go out that interface, but when mobile the IP would change. Is it possible to do this?
As stated, BGP is providing the site networks along with a zero route. So when we try to ssh from the outside, it is sending the data back on the zero route.
So you want to be able to access the Router from the WAN interface but the MPLS is the primary route and the WAN is only used as for backup purposes.
With that in mind as you said the router will not know where the host lives and will send it out the default route-interface so traffic might get there but on the way back it wil use a different interface.
The only way possible is using NAT on the next-hop of WAN Interface so that all traffic going to the router on SSH port will be translated to a WAN IP address.
The router will know that it needs to reply to a host on the WAN interface and the traffic would go that way.
What are the users accessing at the data center for internet access? Are you running an explicit proxy there? If so, you don't need a default back to the data center. The MPLS WAN routes (other than the default) are all that is needed. Assuming you're running an explicit proxy you can set the remote locations to default out the local internet connection.
はじめに確認方法Version による Application name の変更について備考参考情報 はじめに本ドキュメントでは Cisco SD-WAN における Policy 上で設定可能な Application を確認する方法について記載しています。 確認方法サポートされている Application name についてはご使用されている vManage へ API を呼び出して確認することが可能です。https://<IP or FQDN>/...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where the spok...
On 24th August 2021, Cisco announced the latest IOS XE release - Cisco IOS XE Bengaluru 17.6.1a
IOS XE 17.6.1a unlocks various routing features and enhancements comprehensively covering different technology segments such as voice, security,...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where th...
SummaryRequirementsConfiguration StepsVerificationFAQTroubleshootingReferences & Tools
In the past when IOS 12.x was hot stuff we used MD5 to authenticate OSPF neighbors. This worked great on ethernet networks because OSPF is a m...