Routing mobile users via VPN to different gateways
I have mobile users using air cards that connect to the network with a VPN product called Net Motion. Our firewall is a ASA 5510. Once connected to the Net Motion VPN server the user will get a DHCP address from our network. In the past we could not get the VPN tunnel to complete since our layer 3 switch (3750G IP services) has 3 egress points and the egress point that we needed the VPN traffic to go out of is not the default gateway. To solve this we had the air card carrier set switch our air cards to static IP addresses and using route statements for the public IP addresses and access lists we got it to work.
The problem with this is that every new air card we provision needs a static IP address. My question is would policy based routing work in this scenario? The problem has been that the VPN tunnel was not able to complete the negotitaion phase as the traffic came into the switch and was trying to go out the default gateway. The VPN client wont get an internal IP address until the VPN tunnel is created.
I would like to get away from using static IP addresses. Any one have any suggestions on this? Thanks
Currently when changing the Authentication Template under the Onboarding section, there is no choice but to remove SGTs, VNs and IP Pools which clearly disrupt existing services.
Hitless Authentication was introduced in...
Hi, I want to redistribute OMP routes to BGP, i have the doubt if all of the OMP prefixes located in the local vEdge will be redistributed to BGP or just the connected+static networks located in the vEdge. Also how can i restrict some OMP prefix...
Let's say we have two routers configured as RP candidates for auto-RP: R1 - "advertising" its loopback0 interface IP address 18.104.22.168 as the RP for these groups:22.214.171.124/32126.96.36.199/32188.8.131.52/24184.108.40.206/16 R2 - "advertising" its loopback0 int...
hi,i just performed an IOS upgrade and got a report that admin can't create L2 VLANs.i noticed the 'vtp primary force' and 'vtp primary mst' was applied to one of the core switch and perhaps got lost after the upgrade.how to keep the VTP primary persisten...