[c-nsp] Design question
Rodney Dunn
rodunn at cisco.com
Thu Jul 21 16:36:59 EDT 2005
At the apartment what is the WAN interface?
Is it connected directly to the internet?
GRE would surely work you just have to handle the
MTU issues with it.
ip tcp adjust-mss
Rodney
On Thu, Jul 21, 2005 at 03:22:54PM -0500, Eric Helm wrote:
> Hello,
> I'm looking at a solution for a rental management company.
> They want to offer free internet in all their apartments. We will be
> installing Cisco Aironet APs in each apartment complex.
> The customer requires all traffic to tunnel back to their main office
> location where it can use a single hotspot type gateway that will force
> user authentication and add dhcp server functionality. Since the traffic
> is internet only, and each apartment complex has no need to talk to each
> other, my thoughts are to do a simple GRE tunnel at each remote site. If
> GRE is a good idea, how would be the best way to go about forcing
> traffic to use the GRE tunnel? I was thinking policy routing with a
> configuration something like this:
>
> interface Tunnel0
> description Connected to Main Office
> ip add 10.69.69.1 255.255.255.252
> tunnel destination xxx.xxx.xxx.xxx
>
> interface Ethernet0
> description Connected to Apt. Complex WLAN
> ip address 10.254.1.1 255.255.255.0
> ip helper-address 10.69.69.2
> ip policy route-map http
>
> access-list 101 permit tcp any any eq www
>
> route-map http permit 10
> match ip address 101
> set interface Tunnel1
> {or should I use 'set ip next-hop 10.69.69.2' which is the remote end of
> the GRE Tunnel?}
>
> If GRE is not a good solution, what would you recommend?
>
> Thanks,
> Eric
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list