What exactly do you want to do?
Do you want to have two different subnets, using one and only one switch? If this is what you want to do, then you have to use VLANs.
Well, we are adding one UTM device (WatchGuard Firebox 550e), and the SSL VPN is established against a private IP address range (192.168.10.0/24).
Everything works fine, but the VPN clients are limited to the primary network.
We asked our ISP, who provides us a data link between 6 branches, to make secondary routing for the SSL VPN subnet, and it seems the guys are totally confused at their end.
Hence we had set up a small lab and started doing the exercises to see whether we could help the "kids" at the ISP side.
Anyway, I just managed to achieve the target. I created virtual interfaces against Ethernet 0 and used router rip with both routers, and the test lab configurations seem pretty functional. Please find below the configurations I had done with both routers:
Router A
Router Con0 is now available
Press RETURN to get started!
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z
Router(config)#exit
Router#show run
Building configuration...
Current configuration : 625 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
!
!
ip subnet-zero
!
!
!
!
!
interface FastEthernet0/0
no ip address
no ip directed-broadcast
ip access-group 100 out
!
interface FastEthernet0/0.1
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.2
ip address 192.168.20.1 255.255.255.0
!
interface Serial0/0
ip address 172.16.3.1 255.255.255.0
no ip directed-broadcast
clockrate 64000
!
interface FastEthernet0/1
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0/1
no ip address
no ip directed-broadcast
shutdown
!
router rip
network 131.102.0.0
!
!
ip classless
no ip http server
ip route 0.0.0.0 0.0.0.0 172.16.3.2
!
!
!
line con 0
line aux 0
line vty 0 4
login
!
end
Router#
Router B
Router Con0 is now available
Press RETURN to get started!
Router>en
Router#show run
Building configuration...
Current configuration : 625 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
!
!
ip subnet-zero
!
!
!
!
!
interface FastEthernet0/0
ip address 131.102.2.1 255.255.255.0
no ip directed-broadcast
!
interface Serial0/0
ip address 172.16.3.2 255.255.255.0
no ip directed-broadcast
!
interface FastEthernet0/1
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0/1
no ip address
no ip directed-broadcast
shutdown
!
router rip
network 131.102.0.0
network 172.16.0.0
network 192.168.10.0
network 192.168.20.0
!
!
ip classless
no ip http server
ip route 0.0.0.0 0.0.0.0 172.16.3.1
!
!
!
line con 0
line aux 0
line vty 0 4
login
!
end
Router#
This way all the computers do talk to each other as well as are able to go out of the network to external ones.
Thank you very much for your kind post. It was not a bad experience for a beginner with this forum.
Regards,
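
Added example, not part of the original posts: a small Python check for cross-reference gaps that are easy to miss when reading a "show run" like the ones above, namely a RIP network line that matches no interface address, a subinterface with an IP address but no encapsulation line, and an access-group that names a list defined nowhere in the text. The function names and the sample excerpt are constructed for illustration.

```python
import re

# Added example: audit() and classful() are illustrative names, and SAMPLE is a
# constructed excerpt of the Router A configuration posted above.
SAMPLE = """\
interface FastEthernet0/0
 ip access-group 100 out
!
interface FastEthernet0/0.1
 ip address 192.168.10.1 255.255.255.0
!
router rip
 network 131.102.0.0
!
"""

def classful(ip):
    """Classful network of ip, which is what a RIP 'network' line matches."""
    o = ip.split(".")
    n = 1 if int(o[0]) < 128 else 2 if int(o[0]) < 192 else 3
    return ".".join(o[:n] + ["0"] * (4 - n))

def audit(config):
    section, addrs, encap, rip, used, defined = None, {}, set(), set(), {}, set()
    for line in map(str.strip, config.splitlines()):
        if line == "!":
            section = None  # '!' closes the current section
        elif m := re.match(r"(interface|router) (\S+)", line):
            section = m.groups()
        elif m := re.match(r"access-list (\d+) ", line):
            defined.add(m.group(1))
        elif section and section[0] == "interface":
            if m := re.match(r"ip address (\d+\.\d+\.\d+\.\d+) ", line):
                addrs[section[1]] = m.group(1)
            elif line.startswith("encapsulation "):
                encap.add(section[1])
            elif m := re.match(r"ip access-group (\d+) ", line):
                used[section[1]] = m.group(1)
        elif section == ("router", "rip") and (m := re.match(r"network (\S+)", line)):
            rip.add(m.group(1))
    out = [f"{n}: access-list {a} is applied but not defined"
           for n, a in used.items() if a not in defined]
    for name, ip in addrs.items():
        if "." in name and name not in encap:
            out.append(f"{name}: subinterface has no encapsulation (VLAN) line")
        if classful(ip) not in rip:
            out.append(f"{name}: {ip} not covered by a RIP network statement")
    for net in sorted(rip - {classful(ip) for ip in addrs.values()}):
        out.append(f"router rip: network {net} matches no interface address")
    return out
```

Calling audit() on the full text of a saved configuration returns one line per finding; an empty list means the three checks passed.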