cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
189
Views
0
Helpful
7
Replies
mohammadadeel
Beginner

Urgent help needed-----Internet Gateway & VPN Gateway---???---

Hi All,

 

First of all apologies as I am new to Cisco.

I have 2 sites Main site routers 1 is configured for internet having IP address 10.10.10.48. 2nd router is configured for VPN on separate data link configured with bgp protocol having ip address 10.10.10.51. My LAN computers are configured with 10.10.10.48 gateway for internet access.

 

DR-Site have 1 router configured for internet having IP 192.168.1.48. 2nd router is configured for VPN on separate data link configured with bgp protocol having ip address 192.168.1.52. My LAN computers are configured with 192.168.1.48 gateway for internet access.

 

Problem:-

if I need to connect with VPN I need to change default gateway from both ends otherwise VPN can not access network's from both ends in this case I loose internet because gateway is not there to service internet.

How to overcome this problem.

 

Thanks

 

 

 

7 REPLIES 7
Andre Neethling
Enthusiast

Have you considered terminating your internet and VPN services on the same router?

both of them are terminated in core switch, is there anything I have to do in core switch?

Hi. Can you explain your setup a bit more? Possibly attach a diagram.

 

Hi Andre,

 

Please find the attached.

 

Thanks

 

Have you thought about having 1 router at both sites. Then You have 1 default gateway pointing to that router. Then that router can send traffic over either the VPN or to the internet, depending on your Crypto ACL or Virtual Tunnel Interface.

actually both routers have only 2 either net lan cards no serial cards are there so if I want to get another router it will take some time to get additional routers, can I do something with current hardware I have?

Have you thought about implementing Policy Based routing to send all Internet traffic to the Internet router, and all other traffic to your VPN router? You will then have to move your client's default gateway to the 3560 by creating a SVI. Then add the routing policy to the SVI. And you would do the same at the DR.