Cisco 1811 with multiple Vlans and internet interfaces

Discussion in 'Cisco' started by Joel, Feb 6, 2006.

  1. Joel

    Joel Guest

    I have a new Cisco 1811 that I am trying to get configured in 1 of
    two ways.

    1) 2 Vlan's (vlan 10 employee / vlan 20 vendor) FastEth0 connected to
    the internet with a Public IP (X.Y.X.5). IPSec tunnel brought up to
    main office and all of vlan 10 routed over it with no NAT. Vlan20
    needs to be prevented from accessing the VPN tunnel, but does need
    direct internet access over FastEth0 via NAT.

    2) Second solution same as first, however the FastEth1 interface is
    also configured with a second public IP (X.Y.X.10) on the same subnet
    as FastEth0. Thus vlan 20 should be NATed for internet access on
    FastEth1 while FastEth0 is used for VPN traffic only.

    Will either of these configs work and if so are there any example
    configs. I have the Vlans and VPN working, but can not get the NATing
    working either way. I'm concerned that one of my ACL's from the VPN
    config may be interfering with solution 1 which is my ideal config.

    Any suggestions?

    Joel, Feb 6, 2006
