1. Home
  2. Cisco Systems
  3. Branch office can't access HQ internet connection?? Help please?

Branch office can't access HQ internet connection?? Help please?

Problems with accessing internet that is connected to the HQ from a Branch office.

Here is the setup:

Branch ->foreign network ->HQ->Internet We are not using the foreign network for internet but rather want the users at the branch to access the internet through the HQ's fast connection. We are able to access the HQ networks but not able to access the internet. The default routes look OK as do the 0.0.0.0 static routes however the branch traffic seems to drop at the connection to the foreign network. This seems to me to be a very simple setup which can be done without advanced routing even though there are multiple Qtaggged VLANs at each side. Am I missing something? Does this need to be done with OSPF (I think not) or with BGP (which seems more likely but unnecessary). Any input would be appreciated.

Reply to
ShoutyMcNasty
Loading thread data ...

You haven't indicated what kinds of devices you are using, or the software version.

What you report would be normal with a Cisco PIX running 5.x or 6.x software; Cisco PIX and Cisco ASA running 7.x software would default to the same behaviour but make provision for allowing it if the connection from the branch to HQ is via a VPN.

Reply to
Walter Roberson

Hello Walter, thank you very much for your reply. Your guess was spot on, we are actually trying to connect a branch Contivity 1750 with a Cisco Pix 515e running version 7. They are talking over a VPN, obviously. It is possible that the issue is with the Contivity alone, however we are trying to eliminate all other issues first. Does that help? Thanks.

Walter Robers> >

Reply to
ShoutyMcNasty

Please do not top-post. I have re-ordered the text to make it easier to read.

same-security-traffic permit intra-interface

formatting link

For more guideance on this command, see

formatting link

Reply to
Walter Roberson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.