A connected interface is the most preferred. So the short answer is no.
Even if yes, why would you change your network just to accomodate one user ?
Tell that person too bad and change his home network. If this was some
company/site consolidation, then you can do nat on both devices.
----- Original Message -----
From: "Jian Gu" <guxiaojian_at_gmail.com>
To: "Cisco certification" <ccielab_at_groupstudy.com>
Sent: Tuesday, June 09, 2009 11:18 AM
Subject: Overlapping IP address space on ezvpn
> Hi, all,
>
> We have a lot of employees working from home, for those people, we
> send them the small 851Ws configured as an ezvpn client working at NEM
> mode, those C851Ws will get private DHCP address from employee's home
> router (Linksys, Dlink, Airport, what have you). Since most home
> routers default internal IP address is 192.168.0.0 and our corp
> internal IP address is 10.0.0.0, the solution worked perfectly.
>
> Now there is one employee his home router's default internal IP
> address is also 10.0.0.0, the IPsec tunnel came up fine, but computers
> behind C851W is painfully slow to access corp servers, I believe the
> root cause is that when traffic destined to corp 10.0.0.0 address
> reaches C851W, the traffic is not directly sent to IPsec tunnel, in
> stead, C851W tries to route it locally.
>
> Is there anyway we can force traffic with destination 10.0.0.0 to go
> to IPsec tunnel automatically?
>
> Thanks,
> Jian
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Jun 09 2009 - 14:12:30 ART
This archive was generated by hypermail 2.2.0 : Wed Jul 01 2009 - 20:02:37 ART