cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
146
Views
0
Helpful
0
Replies
MaDe
Beginner

best practise / site-2-site VPN / ppp connection / secondary public ip space

Good day all,

today I saw this setup in one of our branch offices.

           ISP

    T1 |          | T1

    S1 |          | S2

     Branch Router

fe0/0 |          | fe0/1

                   |

         Switch

              |

              |

           Client

The ISP gave us two T1 connection. We terminate the T1's on our Router and configured it with ppp encapsulation and mutlilink, this works.

Also the ISP gave us a secondary public IP space. We configured the public IP on the fe0/0 interface.

So now the Branch office is requesting for a Site-2-Site VPN. VPN terminates in our HQ on a ASA 5510.

At the moment I have this setups:

1. Crypto map is added to fe0/0 -> VPN tunnel is up. But traffic flows only from ASA to branch offices. No packets from branch to ASA.

2. Crypto map is added to Multilink 1 interface -> VPN tunnel is up. Traffic flows in both directions.

So Ok VPN works and is stable. But is this best practise?

I would like to configure the VPN to work with the second public ip space but I'm struggling with the config. I dont know why packet are not routed through the VPN.

Any Ideas to point me in the right direction.

Thanks Markus

0 REPLIES 0
Content for Community-Ad