09-13-2012 12:31 PM - edited 03-07-2019 08:52 AM
Hi Guys,
Im trying to work out my options in achive the following:
1)Route VPN date over 1 circuit from VPN ROuter via ISR router
2)Route SIP Traffic From Voice VLAN over another circuit
My question is, would the topology I have shown in my diagram attached work ?
I assume I will need Policy based routing in order to direct any traffic from the IP SEC router to the internet ?
I assume that we will need to make the New router the default Gateway for Voice traffic (I dont know who this will work as we have to use servers for this and want to avoid using the router as DHCP server.
Things you should know:
1) VPN router will be directly connected to LAN interface of ISR Router
2) VPN router is not capable of Terminating ADSL circuit (This is why its connected to ISR router)
3) PC's are hubbed through CIsco VoIP phones via Trunk to Cisco PoE switch (Phones and PC's on different VLANS)
If there is a simpler way of doing this that does not involve buying more than one Router please advise
Thanks
T4K
09-14-2012 11:41 AM
What you want to do is possible. For your switch I would purely run it as a layer 2 device and trunk between the other upstream devices. Then the default gateway will be on the directly connected routers. This will eliminate the need for PBR.
What is the purpose of having a second device as your VPN router? Why not run the VPN connection directly on the ISR? Then on the ISR you would need PBR to direct the traffic to the correct DSL connection by creating an ACL, much like the examples found in this link:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtpbrtrk.html
09-14-2012 01:41 PM
hi, thanks for your response.
there are 2 parties involved here:
1)the Separate VPN router is part of our WAN provider solution,
2)the Company providing the ADSL circuit have to terminate the circuit and provide routing for VoIP traffic over the other circuit.
we have to find a way of getting them both to work together
Sent from Cisco Technical Support iPad App
09-14-2012 11:31 PM
As indicated above, it should be possible.
Are you working with a Cisco Certified engineer or person of equivalent knowdge and expereince? That is needed for advanced Cisco IOS configurations.
09-15-2012 01:14 AM
i need to know how its possible, i dont need to know line by line config i just need to know what to use where.
we have to be involved because they dont own all of the kit (we provide the vpn applience from another party, and our own switch)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide