10-09-2008 10:21 AM - edited 02-21-2020 03:58 PM
I have an 1841 router using a serial port for T1 and an ATM WIC for ADSL. I want all traffic going to my company's data center to go out the T1 and all other traffic to go out the ADSL connection. There is a VPN connection to the data center that works fine until the ATM/dialer interface is enabled. The VPN tunnel is created but no traffic gets routed out the VPN. I've attached the config of the router.
Solved! Go to Solution.
10-09-2008 10:58 AM
Jason,
Can you try configuring the below routes and do the testing again.
ip route datacenterLAN 255.255.255.0 serial0/0/0
ip route datacenterLAN2 255.255.0.0 serial0/0/0
ip route datacenterLAN3 255.255.255.0 serial0/0/0
ip route datacenterLAN 255.255.255.0 Dialer1 5
ip route datacenterLAN2 255.255.0.0 Dialer1 5
ip route datacenterLAN3 255.255.255.0 Dialer1 5
Regards,
Arul
** Please rate all helpful posts **
10-09-2008 10:58 AM
Jason,
Can you try configuring the below routes and do the testing again.
ip route datacenterLAN 255.255.255.0 serial0/0/0
ip route datacenterLAN2 255.255.0.0 serial0/0/0
ip route datacenterLAN3 255.255.255.0 serial0/0/0
ip route datacenterLAN 255.255.255.0 Dialer1 5
ip route datacenterLAN2 255.255.0.0 Dialer1 5
ip route datacenterLAN3 255.255.255.0 Dialer1 5
Regards,
Arul
** Please rate all helpful posts **
10-09-2008 12:37 PM
if I put those routes in, traffic to the datacenterLAN won't go through the VPN like I want.
10-09-2008 01:53 PM
Jason,
I am little lost, Sorry. In the below configuration, your default gateway is pointing through the Dialer1 interface and you have a floating default route via your serial interface.
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 serial0/0/0 5
ip route datacenterIP 255.255.255.0 serial0/0/0
ip route datacenterIP 255.255.255.0 Dialer1 5
As far as the Dialer1 interface is down, traffic should flow across the serial interface. But, as soon as you bring the Dialer1 interface up, traffic (including traffic destined for DC LAN) will go through the Dialer1 interface and not flow through the IPSEC Tunnel. Because, crypto map is applied on the Serial Interface.
Please let me know if I am missing something here.
Regards,
Arul
** Please rate all helpful posts **
10-09-2008 02:51 PM
I'm going to try the change a little later (after hours) and see what happens. Although I'm not quite sure why it's not working as is.
I have another site that is splitting traffic and the VPN works fine without routes. I've attached that config. The only difference is that this site has a route to the VPN server at the datacenter via the interface that is for internet traffic.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: