11-10-2010 02:11 PM - edited 03-06-2019 01:59 PM
Hi,
I want to access the server on VLAN 2 from the internet via VPN. Also, I want to make sure VLAN 1 cannot be accessed from the internet.
I have implemented inter-VLAN routing between VLAN 1 and 2. All suggestions welcome.
Is it possible for users on VLAN 1 and VLAN 2 to access the internet?
VLAN 1 - 10.1.6.0 /24
VLAN 2 - 10.2.16.0 /24
R1 serial ip 1.1.1.1
R1 se0/1 ip 2.2.2.2
R2 serial is 1.1.1.2
R2 lan is 10.10.10.0/24
11-10-2010 02:35 PM
Hi,
To access the server via VPN you should configure VPN and allow access to that server.
To avoid accessing VLAN 1 from the internet, don't give it a public IP (either directly or via static NAT)
Let us know if you need help with this.
Federico.
11-10-2010 02:42 PM
Hi,
I want the server in VLAN 2 with private IP series 10.2.16.0 /24.
So from the internet cloud the server can be accessed. Also from the Remote router R2 users can reach server 2 via VPN only and no access to VLAN 1.
11-11-2010 05:38 AM
When you set up the VPN configuration, you need to define the interesting traffic with an ACL.
This ACL includes the traffic that is going to be encrypted and protected through the tunnel.
If you want to be able to reach a server, include the IP of the server in the interesting traffic.
If the server uses a private IP and it's not NATed to a public IP, it's not reachable through the internet (only via VPN).
Same concept applies if you want to reach one VLAN but not another.
Check this VPN configuration: (need CCO access)
Federico.
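A sketch of the interesting-traffic approach described in the answer above, written for R1 as an added example (not posted by anyone in the thread and not taken from Cisco documentation). The names VPN-TO-R2, TS-R2, CMAP and OUTSIDE-IN, the interface name Serial0/0, the crypto parameters and the pre-shared key placeholder are assumptions; the addresses are the ones given in the question.

```cisco
! R1 side of a site-to-site IPsec tunnel to R2 (1.1.1.2).
! All object names and Serial0/0 are assumed; adjust to the real device.
crypto isakmp policy 10
 encryption aes 256
 hash sha
 authentication pre-share
 ! DH group is an assumption; use the strongest group both routers support
 group 14
crypto isakmp key <PRE-SHARED-KEY> address 1.1.1.2
!
crypto ipsec transform-set TS-R2 esp-aes 256 esp-sha-hmac
!
! Interesting traffic: VLAN 2 <-> R2 LAN only.
! VLAN 1 (10.1.6.0/24) is deliberately absent, so it is never tunnelled.
ip access-list extended VPN-TO-R2
 permit ip 10.2.16.0 0.0.0.255 10.10.10.0 0.0.0.255
!
crypto map CMAP 10 ipsec-isakmp
 set peer 1.1.1.2
 set transform-set TS-R2
 match address VPN-TO-R2
!
! The crypto ACL only selects what gets encrypted; it does not filter.
! Because R1 routes between VLAN 1 and VLAN 2, an inbound filter is what
! actually stops clear-text packets from the R2 side reaching VLAN 1.
ip access-list extended OUTSIDE-IN
 permit udp host 1.1.1.2 host 1.1.1.1 eq isakmp
 permit esp host 1.1.1.2 host 1.1.1.1
 ! Older IOS releases re-check decrypted packets against this ACL
 permit ip 10.10.10.0 0.0.0.255 10.2.16.0 0.0.0.255
 deny ip any any log
!
interface Serial0/0
 ip access-group OUTSIDE-IN in
 crypto map CMAP
```

R2 needs the mirror image: the same policy and transform set, peer 1.1.1.1, and a crypto ACL with source and destination swapped. If NAT is later added on R1 for internet access, the VLAN 2 to 10.10.10.0/24 traffic has to be excluded from it so it still matches the crypto ACL.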
11-12-2010 08:26 AM
Hi, I don't have CCO access. Any other configuration example would be helpful. Thank you.