Contivity 100 issue

[jonks]

i have a contivity 100 connecting to a contvity 1600 via a 3des VPN tunnel. The 100 is based in our branch office.

What i want to do, ( please tell me if it cannot be done) is allow the access to one internet host via the 100 and not passing down the tunnel.

There is a host on the internet that i want people sitting behined the 100 to access. However i do not want them to go through the VPN tunnel . I would liek them to pass straight out the local interface.

Can this be done?

 

[mdahlke]

This is actually done on a packet-by-packet basis in the Contivity 100. The decision to send a packet through the tunnel or out the "regular" interface is based upon the destination IP: if the destination IP is reachable via the tunnel interface then it is encrypted and sent via the tunnel, otherwise it is passed out to the default gateway (I'm assuming that you do not have multiple static routes configured on the Contivity).

You can see this by taking a look at the routing table on the Contivity 100 with the tunnel active via the CLI.