Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 368
  • Last Modified:

VPN between 3005 and Cisco 1711

We are proposing to set up a one to one link between a 3005 concentrator and a 1711 router.
Connecting the 1711 will be a cable modem - Behind the 1711 we will have D-Link DSS 24 port for our wired clients and a D-Link DWL 7000 AP for our Wireless clients.
I am assuming IPSEC passthrough will need to be enabled on both D-Link routers
The customer would like whilst using the VPN to be able to browse the internet - As I understand it this is where split tunnelling comes in.
1.Is this viable in the configuration explained above
2.Where in the setup is split tunnelling set up - at both VPN endpoints i.e. Cisco Concentrator 3005,Cisco 1711 router and the clients themselves.
I am assuming the configuration is a viable solution.

Thanks in advance.

Andy
0
andeeeeuk
Asked:
andeeeeuk
  • 2
1 Solution
 
ewtaylorCommented:
Actually if you setup the vpn tunnel between the 3005 and the 1711 you will not have to worry about any of that. You will not have to worry about ipsec passthrough or clients on the computers. You just need to configure the 1711 to send any traffic bound for the 3005 subnet through the tunnel
0
 
andeeeeukAuthor Commented:
Thanks - is the config for 1711 for the vpn link to the 3005 easy enough.

Just to make sure I am clear as far as the split tunnelling...if the traffic is heading out to the web it will continue as normal, but if the traffic is for the vpn it is directed out through the tunnel.

As I have never touched a cisco 1711 - would that be configured as part of the IOS or firewall

Thanks it sounds easier than I thought it would.

Andy
0
 
ewtaylorCommented:
It really is pretty easy, you would configure it in the IOS part
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now