VPN between 3005 and Cisco 1711

We are proposing to set up a one to one link between a 3005 concentrator and a 1711 router.
Connecting the 1711 will be a cable modem - Behind the 1711 we will have D-Link DSS 24 port for our wired clients and a D-Link DWL 7000 AP for our Wireless clients.
I am assuming IPSEC passthrough will need to be enabled on both D-Link routers
The customer would like whilst using the VPN to be able to browse the internet - As I understand it this is where split tunnelling comes in.
1.Is this viable in the configuration explained above
2.Where in the setup is split tunnelling set up - at both VPN endpoints i.e. Cisco Concentrator 3005,Cisco 1711 router and the clients themselves.
I am assuming the configuration is a viable solution.

Thanks in advance.

Andy
andeeeeukAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ewtaylorCommented:
Actually if you setup the vpn tunnel between the 3005 and the 1711 you will not have to worry about any of that. You will not have to worry about ipsec passthrough or clients on the computers. You just need to configure the 1711 to send any traffic bound for the 3005 subnet through the tunnel
andeeeeukAuthor Commented:
Thanks - is the config for 1711 for the vpn link to the 3005 easy enough.

Just to make sure I am clear as far as the split tunnelling...if the traffic is heading out to the web it will continue as normal, but if the traffic is for the vpn it is directed out through the tunnel.

As I have never touched a cisco 1711 - would that be configured as part of the IOS or firewall

Thanks it sounds easier than I thought it would.

Andy
ewtaylorCommented:
It really is pretty easy, you would configure it in the IOS part

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.