Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
418
Views
0
Helpful
1
Replies

dedicate wan for remote access vpn and 2nd wan for only internet

zeuscyril
Level 4
Level 4

‎12-19-2010 03:23 AM - edited ‎02-21-2020 05:02 PM

hi all,

here is my scanrio,

i am having two internet line one is leased line wih staic ip address and the other one is DSL line

i want to use the leased line only for remote access VPN and the webmail access from outside and the other line is only for the internet for local users

i have 2811 router i have extra ethernet interfaces to connect both the lines.

how i can configure this scanrio,

i configured , but if i default route for leased line wan then only VPN is working .

but if i put default route the internet is passing through the leased line.

Labels:
0 Helpful
1 Reply 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎12-20-2010 09:01 AM

Hi!

One can think of a scanario where:

- udp/500

- udp/4500

- ESP

- AH

is sent out through a particular interface by virtue of "ip local policy"

Traffic generated from the box doesn't work with PBR, you need a separate local policy.

On top I'd advise you tu use RRI or DVTI solution to avoid problems with routing through tunnel.

That being said, it's probebly not the best idea to set it up like this.

Please be aware that above solution will make ALL IPSec traffic go through this link, regardless of RA or L2L.

Marcin

0 Helpful
Customers Also Viewed These Support Documents