Solved: Re: Full L2L Tunnel

cpratt · ‎11-20-2012

Hello,

I am curious to know if there is a way to make a full tunnel for a L2L option. I need to have all Internet traffic go through a trusted Internet connection. I know I can do this doing GRE over IPSec but was hoping for an alternative solution.

Thanks in advance

-Chris

Javier Portuguez · ‎11-20-2012

Hi Cristopher,

When you create a LAN-to-LAN tunnel you define protected traffic in the crypto ACL, so if you would like to send all the traffic across the LAN-to-LAN tunnel, then do the following:

hostname(config)# access-list l2l_list extended permit ip 192.168.0.0 255.255.0.0 any

hostname(config)# crypto map abcmap 1 match address l2l_list

Where 192.168.0.0/16 is your LAN.

HTH.

Portu.

Please rate any helpful posts

View solution in original post

Javier Portuguez · ‎11-20-2012

Hi Cristopher,

When you create a LAN-to-LAN tunnel you define protected traffic in the crypto ACL, so if you would like to send all the traffic across the LAN-to-LAN tunnel, then do the following:

hostname(config)# access-list l2l_list extended permit ip 192.168.0.0 255.255.0.0 any

hostname(config)# crypto map abcmap 1 match address l2l_list

Where 192.168.0.0/16 is your LAN.

HTH.

Portu.

Please rate any helpful posts

cpratt · ‎11-20-2012

Thanks! That's what I thought but wanted to confirm.

Sent from Cisco Technical Support iPhone App

Javier Portuguez · ‎11-20-2012

You are very welcome

Further information:

Configuring LAN-to-LAN VPNs

HTH.

Portu.

Please rate any helpful posts