No, it will not work as it is. As you suggest, traffic for the other
private site will go to the default router at 10.0.0.253 and be lost
(because that router does not know about the VPN link). If you make 10.0.0.2
the default router, nothing will use the 3COM. You need to use the 3COM as
the default gateway but somehow get the private traffic to the RRAS router
to go across the tunnel.
You need a static route to send traffic for 192.168.10.0 to the RRAS
router. If you can add this route to the 3COM firewall it will bounce the
traffic to the correct gateway. (The clients will learn this route by ICMP
redirects from the firewall/router. This is the way I would recommend you do
it. Let the routers handle the routing).Otherwise you would need to add a
static route to each machine in 10.0.0.0 . The static route (in either
case) would be
192.168.10.0 255.255.255.0 10.0.0.2
Ray Brown wrote:
> At Location 1 we have a RRAS server with the following IP's
> NIC 1 - IP = 192.168.1.2
> SM = 255.255.255.0
> DG = 192.168.1.254 (Pix Firewall to DSL)
> NIC 2 - IP = 10.0.0.2
> SM = 255.255.255.0
> DG = none
> Location 1 has a 3COM firewall at 10.0.0.253. It goes out a Cable
> modem
>
> At Location 2 we have a RRAS server with the follwoing IP's
> NIC 1 - IP = 192.168.3.5
> SM = 255.255.255.0
> DG = 192.168.3.1 (Pix Firewall to DSL)
> NIC 2 - IP = 192.168.10.10
> SM = 255.255.255.0
> DG = none
>
> There is a PPTP tunnel betwenn the 2 RRAS servers using the 2 PIX
> firewalls.
>
> If the PC's at Location 1 have a default gateway of 10.0.0.253 (the
> 3COM firewall), should they be able to access the PC's at Location 2
> on the 192.168.10.0 network or will they need to have a default
> gateway of 10.0.0.2 (the RRAS server) Will traffic destined for the
> 192.168.10.0 network try to go out the 3COM firewall since that is
> where the default gateay is ?
>
> Thanks
|
Similar Threads
