Internet access for two different LAN segments

Unanswered Question
Feb 21st, 2007

lan1 & lan2 > L3 Switch with VLAN > Firewall > Router > ISP

I have two different LAN segments, 192.168.1.0/24 and 192.168.2.0/24.

I want the traffic for accessing the Internet to flow in such a way that traffic for both LAN segments passes through the primary WAN link and, if it fails, switches to the secondary one. Kindly suggest whether an 1800 model router will be OK for this network, and help me by sending the configuration.

sovic_vito Wed, 02/21/2007 - 11:00

Hi,

it is possible.

1> Inter-VLAN routing is happening through your L3 switch.

2> In the L3 switch, give one default route towards the PIX as the next hop.

3> In the PIX, configure 2 static routes for the LAN segments towards the L3 switch and one default route towards your outside interface, i.e. the router.

4> In the router you can configure 2 default routes towards the service provider, if you want load balancing.

5> Otherwise configure PBR for one link to be primary and another one for backup.

6> Give 2 static routes in the router towards the PIX for return traffic of the LAN segments.

7> For LAN traffic to go to the Internet you can permit the segments in PIX nat0 and do the PAT in the router or

Hope this will solve ur purpose.

Pls rate.

nikhil_kapoor Thu, 02/22/2007 - 03:06

Hi Lalit ,

Could you please let me know whether there is any specific protocol you are running on the router? If it is static then there are no issues. Point a static route on the router as:

ip route 192.168.1.0 255.255.255.0 < Pri_ WAN _ Link >

ip route 192.168.2.0 255.255.255.0 < Pri_ WAN _ Link >

For backup

ip route 192.168.1.0 255.255.255.0 < Sec_ WAN _ Link > 240

ip route 192.168.2.0 255.255.255.0 < Sec_ WAN _ Link > 240

The above config applies only for static; if you are running any protocol like BGP then you can use prepending or a BGP attribute.

let me know if it works

rgds..Nikhil
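
Added example, not part of either reply: the static routing from sovic_vito's steps 2, 3 and 6 across the three devices, with primary/backup selection done by a floating static default route (administrative distance 240, as in nikhil_kapoor's reply) rather than PBR. Every address below is a constructed placeholder: 10.0.0.0/30 is an assumed switch-to-PIX transit link, 10.0.1.0/30 an assumed PIX-to-router link, and 203.0.113.1 and 198.51.100.1 stand in for the two ISP next hops.

```cisco
! ===== L3 switch (IOS) =====
! Inter-VLAN routing stays on the switch; everything else goes to the PIX.
ip routing
ip route 0.0.0.0 0.0.0.0 10.0.0.2
!
! ===== PIX firewall =====
! LAN segments are reached back through the L3 switch on the inside.
route inside 192.168.1.0 255.255.255.0 10.0.0.1 1
route inside 192.168.2.0 255.255.255.0 10.0.0.1 1
! Default route out to the router on the outside interface.
route outside 0.0.0.0 0.0.0.0 10.0.1.1 1
!
! ===== Router (IOS) =====
! Return traffic for both LAN segments goes back through the PIX.
ip route 192.168.1.0 255.255.255.0 10.0.1.2
ip route 192.168.2.0 255.255.255.0 10.0.1.2
! Primary default route via the primary WAN link (default distance 1).
ip route 0.0.0.0 0.0.0.0 203.0.113.1
! Backup default route via the secondary WAN link. Distance 240 keeps it
! out of the routing table while the primary route is present.
ip route 0.0.0.0 0.0.0.0 198.51.100.1 240
```

The distance-240 route is installed only when the primary static route is withdrawn, which happens when its outgoing interface goes down; a failure further upstream that leaves the local link up does not trigger the switch. `show ip route 0.0.0.0` on the router shows which of the two default routes is currently active.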
