Question : Problem: Create a static route for a vpn tunnel on multihomed server?
I have a VPN tunnel from HQ (10.10.10.0) to remote siteA (192.168.1.0). In HQ I have a multihomed server that is connected to corp lan (10.22.3.0) using the default gateway and other NIC is plugged into 10.10.10.0 network with no gateway. I want to ping 192.168.1.0 addresses from the multihomed machine.
How is this possible?
I am using a Cisco ASA 5510 in HQ and a Netscreen 5GT in the remote site. On the ASA, Eth0/0 is Outside, Eth0/1 is Inside (10.22.3.0/24), and Eth0/2 is SAN (10.10.10.0/24), which has a VPN connection to the remote side already working.
Only traffic on SAN and remote side should talk. No access from LAN/Inside interface to SAN or remote. Server is connected to both networks.
I am sure I am leaving out relevant info so please ask if I left anything out.
Answer : Problem: Create a static route for a vpn tunnel on multihomed server?
If you are only tunneling 10.10.10.0/24 from HQ, then you could put in a static route on the multihomed server in HQ that routes traffic destined for 192.168.1.0/24 to the ASA's SAN network interface, which would be 10.10.10.x (you didn't specify the IP address of the ASA interface on the SAN network).
For example, if the ASA's SAN interface was 10.10.10.1 and the multihomed machine was a Windows box, you could put in:
route add 192.168.1.0 mask 255.255.255.0 10.10.10.1
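
The route from the answer above, made persistent and then checked, as an added example that is not part of the original answer. It assumes Windows Server 2012 R2 or later with the NetTCPIP cmdlets and an elevated prompt; 10.10.10.1 is the answer's example ASA address and 192.168.1.10 is a constructed test host. The forwarding check covers the asker's requirement that the LAN must not reach the SAN or the remote site through this server.

```powershell
# Added example. Assumed values: ASA SAN interface 10.10.10.1 (from the answer's
# example), 192.168.1.10 as a constructed host on the remote side.
$RemotePrefix = '192.168.1.0/24'
$AsaSanIp     = '10.10.10.1'
$SanPattern   = '10.10.10.*'
$TestHost     = '192.168.1.10'

# Locate the NIC that holds the 10.10.10.0/24 address.
$sanAddr = Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -like $SanPattern } |
    Select-Object -First 1
if (-not $sanAddr) { throw 'No interface with a 10.10.10.x address found.' }
$ifIndex = $sanAddr.InterfaceIndex

# Add the route only if it is missing. Without -PolicyStore, New-NetRoute writes
# to both the active and the persistent store, so the route survives a reboot
# (the equivalent of "route -p add").
$existing = Get-NetRoute -DestinationPrefix $RemotePrefix -ErrorAction SilentlyContinue
if (-not $existing) {
    New-NetRoute -DestinationPrefix $RemotePrefix -InterfaceIndex $ifIndex `
                 -NextHop $AsaSanIp | Out-Null
}

# Route selection check: traffic to the remote site must leave through the SAN
# NIC, not through the default gateway on the corporate LAN.
# Find-NetRoute returns a source address object and a route object; keep the route.
$chosen = Find-NetRoute -RemoteIPAddress $TestHost |
    Where-Object { $_.DestinationPrefix }
if ($chosen.InterfaceIndex -ne $ifIndex -or $chosen.NextHop -ne $AsaSanIp) {
    Write-Warning "Traffic to $TestHost would use next hop $($chosen.NextHop), not $AsaSanIp."
}

# A multihomed host must not route between its NICs; otherwise the LAN gains a
# path to the SAN and the tunnel. Forwarding should be Disabled on every interface.
$fwd = Get-NetIPInterface -AddressFamily IPv4 |
    Where-Object { $_.Forwarding -eq 'Enabled' }
if ($fwd) {
    Write-Warning "IP forwarding is enabled on: $($fwd.InterfaceAlias -join ', ')"
}

# End-to-end check through the tunnel; the first hop should be the ASA SAN interface.
Test-NetConnection -ComputerName $TestHost -TraceRoute
```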