Sunday, March 10, 2019

Backhaul internet traffic to central site using ISR routers over MPLS

So I have an MPLS site-to-site network that I cannot inject a default route into. I would like to tunnel internet-bound traffic from one site to another site that has internet connectivity so that I can push it through our firewalls for decryption and inspection.

I’m thinking that I can use a router at each site, most likely a 2911, and create a GRE tunnel between them. Then configure the remote router to act as the default gateway for the remote network, and on the central side, configure the router with its default gateway as the firewall, with static routes pointing back from the firewall to the GRE router for return traffic.

Not optimal, I know, but it would be great until we transition to a WAN that I can simply inject the default route into to get all the traffic back to corporate.

Anyone seen or done that before? Or maybe there is a better way.
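
A minimal Cisco IOS sketch of the design described in the post, added here as an example and not configuration from the original poster. Every interface name, address and prefix below is an assumed placeholder, and the MTU values assume a 1500-byte path across the MPLS network.

```cisco
! ==== Remote-site router (default gateway for the remote LAN) ====
! Assumed: Gi0/0 faces the MPLS handoff, Gi0/1 faces the LAN 10.20.0.0/24
interface GigabitEthernet0/0
 ip address 10.20.255.1 255.255.255.0
interface GigabitEthernet0/1
 ip address 10.20.0.1 255.255.255.0
interface Tunnel0
 description GRE to central site for internet-bound traffic
 ip address 172.16.255.2 255.255.255.252
 ! GRE over IPv4 adds 24 bytes; clamp TCP MSS to avoid fragmentation
 ip mtu 1476
 ip tcp adjust-mss 1436
 tunnel source GigabitEthernet0/0
 tunnel destination 10.10.255.1
 ! Bring the tunnel down if the far end stops answering
 keepalive 10 3
!
! The tunnel endpoint must be reached over MPLS, never through the
! tunnel itself, or the router reports recursive routing and flaps
ip route 10.10.255.1 255.255.255.255 10.20.255.254
! Corporate prefixes keep using the MPLS path directly
ip route 10.0.0.0 255.0.0.0 10.20.255.254
! Everything else (internet-bound) goes into the tunnel
ip route 0.0.0.0 0.0.0.0 Tunnel0
!
! ==== Central-site router (sits in front of the firewall) ====
! Assumed: Gi0/0 faces MPLS, Gi0/1 shares 10.10.0.0/24 with the firewall
interface GigabitEthernet0/0
 ip address 10.10.255.1 255.255.255.0
interface GigabitEthernet0/1
 ip address 10.10.0.2 255.255.255.0
interface Tunnel0
 description GRE to remote site
 ip address 172.16.255.1 255.255.255.252
 ip mtu 1476
 ip tcp adjust-mss 1436
 tunnel source GigabitEthernet0/0
 tunnel destination 10.20.255.1
 keepalive 10 3
!
ip route 10.20.255.1 255.255.255.255 10.10.255.254
! Return traffic for the remote LAN goes back into the tunnel
ip route 10.20.0.0 255.255.255.0 Tunnel0
! Default gateway is the firewall's inside interface (assumed 10.10.0.1)
ip route 0.0.0.0 0.0.0.0 10.10.0.1
! On the firewall: static route for 10.20.0.0/24 via 10.10.0.2
```

Plain GRE carries the traffic unencrypted across the MPLS network, so anything the firewall is meant to inspect is also readable in transit unless the tunnel is protected separately.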


