Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login
Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

Tek-Tips LinkedIn® Group

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site
Partner Button
(Download This Button Today!)

Feedback

"...These forums are an excellent source and example of the way people can help each other..."
More...

Geography

Where in the world do Tek-Tips members come from?
Click Here To Find Out!

Tek-Tips Shirts!

Get Tek-Tips Swag
Get your
Tek-Tips Forums
SWAG here!
Home > Forums > MIS/IT > Security Solutions > NetScreen solutions Forum

Source routing question via unnumbered VPN tunnel.

thread907-930459
Read More Threads Like This One
rprague (MIS)
7 Oct 04 10:52
General info on my question:  
Map: http://www.geekforever.com/sourcerouting.htm (you may need to use IE to get zoom and all that, but it should work in *zilla browsers)
The 10.0.0.254 Netscreen 25 is the default router in my LA office for all machines
The 172.22.64.254 Netscreen 208 is the default router in my NYC datacenter for all machines
The default route(trust-vr) for the 172.22.64.x/24 network in LA is via the private T1
The default route(trust-vr) for the 10.0.0.x/24 network in NYC is via the private T1

Specific Question:
I've got a private connection between my office and datacenter which all traffic travels over, with a VPN for failover between the Netscreens in both locations.  Recently I added a route to allow all traffic going from LA to NJ to traverse the VPN (this was done by having a route in the trust VR for the specific machine that throws traffic destined for .10 to the untrust-vr where the route/tunnel takes over).  The tunnel is a routing based VPN (unnumbered tunnel interface).

The problem I have is that I'd like all traffic that originates with the .10 machine in NYC to also use the unnumbered tunnel vice going over the private link when that machine wants to send any traffic to LA.  We're having congestion issues and upgrading that link is not an option, so I'd like to leverage the VPN instead of having it sit there idle.

I don't think source routing will work here as you can't tell the source routing engine in the Netscreen to use a particular unnumbered interface or even VR.  Granted, I haven't used source routing on the Netscreens much, so I may just be missing something simple, or there may be an entirely different solution to this problem.

Any help would be appreciated.

 
Read More Threads Like This One

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Back To NetScreen solutions

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close