Hi, I am a network admin of 3 office (A, B, C). Each office has Cisco PIX 506 as front-end firewall and ISA 2004 as back-end firewall. Here are the VPN settings I have done.
1. PIX connected by IPSec (A<->B, A<->C, B<->C). 2. Based on IPSec, ISA 2004 connected by PPTP (A<->B, A<->C, B<->C).
Now I have a question. I performed a network test and got the following results.
Obviously, A->C->B will be faster than A->B. How can I add a routing setting in RRAS or ISA 2004 to force A->B must go through C and keep A->B as a backup route in case C is down?
In each office, 2 static routes are found in RRAS for DOD.
Office A PIX (a1.b1.c1.d1 ; 192.168.1.1/255.255.255.0) ISA (192.168.1.2 ; 10.1.1.1/255.255.0.0)
Office B PIX (a2.b2.c2.d2 ; 192.168.2.1/255.255.255.0) ISA (192.168.2.2 ; 10.2.1.1/255.255.0.0)
Office C PIX (a3.b3.c3.d3 ; 192.168.3.1/255.255.255.0) ISA (192.168.3.2 ; 10.3.1.1/255.255.0.0)
thanks, eddie
< Message edited by eddiec -- 26.Oct.2006 12:04:25 PM >
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Routing Question in Site-to-Site VPN 
Routing Question in Site-to-Site VPN - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread