Routing using 2 ISP question?

Leonardo Pena Davila · ‎10-02-2007

I have to connect to my network a group of users that don?t share the same domain. I have created a new vlan for those users (vlan 20). This users can access my printers and some servers so they need to form part of intervlan routing. but ARE NOT ALLOWED TO USE MY ISP

I would like that thoses users access the the internet via a router axess-tel connected to my switch.

How can I route my traffic of this unique vlan via this axess-tel?

Example

Interface Vlan 30

Ip address 30.30.30.1 255.255.255.0

Interface Vlan 10

Ip address 10.10.10.1 255.255.255.0

Interface vlan 20

IP address 20.20.20.1 255.255.255.0 --- This users should use the internet via the axess-tel that have ip address 20.20.20.150

IP route 0.0.0.0 0.0.0.0 167.175.xxx.xxx ? All users but those on vlan 20 must use this route to access the internet.

How can I do this

Thanks

Regards

Lp

royalblues · ‎10-03-2007

You need to use PBR to do this.

Deny the routes for the server/printer access from the PBR access-list and route all other traffic towards the axess-tel

access-list 100 deny ip 20.20.20.0 0.0.0.255 10.10.10.0 0.0.0.255

access-list 100 deny ip 20.20.20.0 0.0.0.255 30.30.30.0 0.0.0.255

access-list 100 permit ip any any

route-map axtess-tel permit 10

match ip address 100

set ip next-hop 20.20.20.150

interface vlan 20

IP address 20.20.20.1 255.255.255.0

ip policy route-map axtess-tel

You might need to edit the access-list if some access in future is required between some new vlans

HTH, rate if it does

Narayan