How about connecting A & B L2L with a GRE over IPsec (terminating the
GRE on the routers) ? This way all the routes to B site will go through
the router instead of the firewall. (Ok, you'll lose some bytes for GRE


Stewart, John wrote:
> We have a remote office (site B) to which we have a T1 link (from site A).
> The routers on each side of this T1 are Cisco 2811's, and they reside
> internal on our trusted networks, talking EIGRP to our other internal
> routers on both sides.

firewall-wizards mailing list