Answer the question
In order to leave comments, you need to log in
M
M
main2012-10-31 18:01:03
main, 2012-10-31 18:01:03
How to build a tunnel between Cisco and DD-WRT?
Hello, I need advice / help ...
I have a Cisco 861 at the border, ezvpn is configured on it and external clients are connected using the Cisco VPN Client.
There was a need to make a tunnel between this cisco and the thing on dd-wrt, and turn all traffic into this tunnel.
In general, I can imagine how to wrap it all up, and my problem is that clients connected via ezvpn from their subnet (192.168.0.0/24, for example) are not visible at all in the routing table, this subnet does not exist.
In general, if possible, tell me some better solution or explain how to see the ezvpn subnet of clients that connect.
2 answer(s)
@main
That is, instead of direct routing with NAT, do you want to encrypt traffic (programmatically!) And throw it over the Internet to another piece of hardware, hoping that in this way the Internet will work better?
It sounds so crazy that yes, a picture would be better.
Didn't understand. Did you use the same network under the VPN pool as it hangs on the other interface? But this is nonsense. Why do this?
@JDima
And it is possible more complete formulation of the problem? You described not a problem, but a solution, not the fact that it is optimal.
Remember, it shouldn't exist.
Why would she? If I understand the task correctly: there is a pool 192.168.0.0/24, you need to ensure the exchange of traffic between clients with addresses from it and dd-wrt, from which there is a tunnel to the IPSec cisco. Well, you make out crypto acl, prescribe statics on dd-wrt, and you're done.
J
JDima, 2012-10-31 @main
I want to create a VPN channel from this router (861) to a device with dd-wrt in order to launch all traffic to the Internet not directly (through 861), but through VPN and, as a result, an exit point to DD-WRT, since it will be faster.
That is, instead of direct routing with NAT, do you want to encrypt traffic (programmatically!) And throw it over the Internet to another piece of hardware, hoping that in this way the Internet will work better?
It sounds so crazy that yes, a picture would be better.
there is an office 192.168.0.0/24
Didn't understand. Did you use the same network under the VPN pool as it hangs on the other interface? But this is nonsense. Why do this?
J
JDima, 2012-10-31 @JDima
make a tunnel between this cisco and the thing on dd-wrt, and turn all traffic into this tunnel.
And it is possible more complete formulation of the problem? You described not a problem, but a solution, not the fact that it is optimal.
this subnet does not exist.
Remember, it shouldn't exist.
Why would she? If I understand the task correctly: there is a pool 192.168.0.0/24, you need to ensure the exchange of traffic between clients with addresses from it and dd-wrt, from which there is a tunnel to the IPSec cisco. Well, you make out crypto acl, prescribe statics on dd-wrt, and you're done.
Similar questions
I
Ilya Derevyannykh2020-10-07 22:21:50
Is it possible to automatically change prices in Woocommerc?
4Reply
B
D
N
neothesilent2016-05-19 16:27:18
How to display the full Ansible role execution log in Teamcity?
2Reply
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question