Interesting RIP, OSPF & VPN Concentrator

From: thunai (thunai@cisco.com)
Date: Sat Jul 17 2004 - 00:17:12 GMT-3


Dear Group,

I have come across the following scenario. It looks very interesting,
but I don't have the solution with me, so I am not sure what I am doing
is right. I would appreciate your valuable suggestions and inputs.
 
 
R1-----10.10.10.x-------(RIPV2)---------(PIX)-(outside)---------------------RIPV2------(r3)-----(PC)
R1-----10.10.10.x-----(RIPV2)-----------(VPN Concentrator)---(outside)----OSPF---(r3)-----(PC)
 
 
As I have shown, the PIX and Concentrator are connected in parallel
(they are in the same network, not in different networks as shown).
Router R1 has two sources of information: one from the PIX and the
other from the VPN Concentrator. Obviously the PIX can give only the
default route, and the Concentrator gives the entire routes to R1,
which includes the OSPF-learned routes that get redistributed by the
Concentrator (automatically >>> I have unchecked the ASBR option and it
is still getting redistributed. Please suggest if we have an option to
stop this...). Now R1 learned all the routes from the Concentrator, so
it's the path through the VPN Concentrator. To avoid that, I put a
distribute list and BLOCKED all the routes learned from RIP through the
Concentrator and permitted only the default route.
 
Now the FUN starts... :-)
 
1. I could not stop the routes getting redistributed.

2. The other section says that the PC on the outside network needs to
form a remote access VPN with the Concentrator, which is on a different
network than the inside interface (10.10.10.X, the inside network). The
PC gets an IP, say 172.16.X.X. The PC can connect to the Concentrator
using remote access VPN.

3. However, it's not able to ping R1 (that's one of the mandates given)
because R1 is not aware of 172.16.x.x. I have used the option of Client
RRI; still I am not getting that route on R1 (routing table). Yes, I
have checked the distribute list and added the RRI route and default
route...

4. On the PC I have enabled Local LAN access. Still I am not able to
connect to the local LAN the moment I form the tunnel. I enabled split
tunneling, to tunnel only for the inside network.

5. I know it's a lengthy mail, sorry to take your time. One last
question: if I have RIP enabled on the Concentrator on both the public
and private interfaces, is there any way to block the auto
redistribution?
 
 
 
Can somebody throw some light on what is the right approach to this
problem?
 
 
Regds
Thunai


