Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

help with configuring router to pass VPN traffic

Status
Not open for further replies.
BluffPlace

BluffPlace

MIS
Sep 28, 2009
10
US
Hello
We have a Cisco 3030 vpn concentrator. I created 2 separate vpn tunnels which are up. I am receiving traffic from them, but I am not sending anything out. One of the remote sites has a peer address of 65.1.3.4 and their internal address is 192.168.101.x. How do I send traffic out.


interface Tunnel0
description Primary-Zscaler-Tun
ip address 172.17.6.33 255.255.255.x
ip mtu 1476
ip nat outside
tunnel source 151.8.2.6
tunnel destination 4.79.205.35

interface Ethernet0/0
ip address 65.1.5.2 255.255.255.x secondary
ip address 151.8.3.5 255.255.255.x
ip access-group 102 out
ip nat inside
ip route-cache policy
ip policy route-map Zscaler-redirect
duplex auto

interface Ethernet0/0.1

interface GigabitEthernet0/0
ip address 10.10.0.8 255.255.0.0
ip helper-address 10.100.91.5
negotiation auto
ipx network 7 encapsulation SAP
ipx gns-response-delay 1
ipx type-20-propagation

interface Serial1/0
description T3-18MB Verizon-ISP
ip address 208.4.2.0 255.255.255.x2
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip mroute-cache
ip policy route-map net-11
load-interval 30
scramble
framing c-bit
cablelength 10
dsu bandwidth 18948
no cdp enable

interface ATM2/0
no ip address
atm uni-version 3.1
no atm ilmi-keepalive

interface ATM2/0.1 point-to-point
bandwidth 75000
ip address 151.8.2.6 255.255.255.x
ip policy route-map net-11
pvc 1/57
vbr-nrt 10000 10000 100
encapsulation aal5snap

interface ATM2/0.5 point-to-point
bandwidth 145000
ip address 10.15.0.2 255.255.255.252
ip helper-address 10.100.91.5
ip policy route-map net-10
pvc obd 5/55
protocol ip 10.15.0.1 broadcast
vbr-nrt 145000 145000 1000
encapsulation aal5snap

ipx network A21

router eigrp 1
network 10.0.0.0
no auto-summary
no eigrp log-neighbor-changes

ip nat inside source route-map Zscaler interface Tunnel0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 151.8.2.5
ip route 10.70.1.1 255.255.255.255 10.60.1.2
ip route 10.70.1.2 255.255.255.255 10.60.1.2
no ip http server


ip access-list extended Zscaler
permit tcp any any eq www
permit tcp any any eq 443
permit tcp any any eq 389
access-list 102 permit ip any any
access-list 111 permit ip any any
access-list 112 permit ip any any
access-list 116 permit ip 65.1.5.0 0.0.0.31 any
access-list 117 permit ip 151.8.3.4 0.0.0.31 any

route-map Zscaler permit 10
match ip address Zscaler
set interface Tunnel0

route-map net-11 permit 11
set interface Ethernet0/0

route-map net-10 permit 10
match ip address 111
set ip next-hop 10.10.0.1

route-map Zscaler-redirect permit 10
match ip address Zscaler
set interface Tunnel0

route-map PBR1 permit 10
match ip address 116
set interface Serial1/0
set ip next-hop 208.4.2.9

route-map PBR1 permit 20
match ip address 117
set interface ATM2/0.1
set ip next-hop 151.8.2.5


gatekeeper
shutdown
 
Status
Not open for further replies.

Similar threads

Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
224
Jared R
Jared R
quazimotto
  • Locked
  • Question
Cisco ASA_5505 VPN to Juniper_SRX210 VPN IS UP_ No Traffic!!!!!!
Replies
0
Views
74
quazimotto
quazimotto
Luzbel
  • Locked
  • Question
Connecting HVAC controller to network
Replies
0
Views
171
Luzbel
Luzbel
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
402
BIS
BIS
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
236
madwok
madwok

Part and Inventory Search

Sponsor

Back
Top