VLAN question

avionics
Level 1

Is it possible to have a static IP address device connected to a VLAN without the VLAN IP address assigned? I'm trying to have all network traffic go to this particular device.

13 Replies

dabels
Level 1

It would be nice to know what type of device you are talking about. If you are using a switch running IOS, then yes, you can connect a device to a switchport in a VLAN and not have the interface have an IP address assigned to it.

The device that will be connected is a skyX gateway for TCP acceleration. How would I make all the traffic flow through this device? Current config attached. The port is fa1/0, where the device resides. Is it possible to have all traffic be routed through fa1/0?

So you are wanting all traffic coming in to this router from every interface to get routed to the accelerator? If that is correct, do they not support something like WCCP redirection to force the traffic there? Otherwise you may want to have a default route from the router to point to the fa1/0 (this is not a clean way, though, I would not think).

The router platform is a 2800 series and I am unsure if it supports the WCCP feature. How would I make a default route to direct the traffic through the device? Or how would I configure WCCP? What is the best method for what I am trying to do?

If you WANT to configure WCCP, here's a short primer: http://articles.techrepublic.com.com/5100-1035_11-6175637.html

I wouldn't think this would be necessary if you are just using the gateway as a web proxy. If you're running a Windows network, you could just push down a group policy with the proxy settings to all of your users. If you want absolutely all outbound traffic diverted to this gateway, then you could configure the default route to point to it:

ip route 0.0.0.0 0.0.0.0

Would I delete the ip classless from my config? What command could I use to diagnose that the traffic is flowing to the right port?

If you are running only strict class A B or C networks, you shouldn't need ip classless on your router. If you are further subnetting any class A B or C networks, then you must use IP classless.

If the skyX gateway is between your outbound router interface and the internet then you know the traffic is going through it. If the skyX gateway is networked on the same subnet as the outbound router interface and your default gateway and the new default route has been configured, then all outbound traffic will flow to the skyX gateway.

Could you give me an example of the config of the interfaces? I listed a config on the prior post. Could you help on routing traffic to the fa1/0 port?

If all of fa1/1 - 8 are configured to switchport access vlan 1, then you would have to ip your "interface vlan 1" on your router to the same subnet as your hosts on the fa1/1 - 8 ports. Configure this IP address as the default gateway on your hosts. The default route that I gave you earlier will push all traffic destined for an IP network not known to your router's route table through to the skyx accelerator.

If you would like to use a different vlan than 1, just replace all instances of "vlan 1" with "vlan x". Another thing you could do is put the hosts and the skyx gateway device on the same subnet and vlan and use the gateway as your default gateway on your hosts. If you are still having problems, post your current config.

Here is the current config. The skyX is fa1/0, where all traffic needs to go through.

interface FastEthernet0/0
 description unsecured test configuration
 no ip address
 duplex auto
 speed auto
 bridge-group 50
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 bridge-group 50
!
interface FastEthernet1/0
 description "ACCELERATOR"
 switchport access vlan 100
!
interface FastEthernet1/1
 description "DV2"
!
interface FastEthernet1/2
 description "STAFF4"
!
interface FastEthernet1/3
 description "STAFF2"
!
interface FastEthernet1/4
 description "DV1"
!
interface FastEthernet1/5
 description "STAFF3"
!
interface FastEthernet1/6
 description "STAFF1"
!
interface FastEthernet1/7
 description "CSOSTATION"
!
interface FastEthernet1/8
 shutdown
!
interface FastEthernet1/9
 shutdown
!
interface FastEthernet1/10
 shutdown
!
interface FastEthernet1/11
 shutdown
!
interface FastEthernet1/12
 shutdown
!
interface FastEthernet1/13
 shutdown
!
interface FastEthernet1/14
 shutdown
!
interface FastEthernet1/15
 shutdown
!
interface Vlan1
 no ip address
 bridge-group 50
!
interface Vlan100
 ip address 10.10.11.1 255.255.255.0
!
interface BVI50
 ip address 10.10.10.2 255.255.255.0
!
ip classless
!
ip http server
!
!
control-plane
!
bridge 50 protocol ieee
bridge 50 route ip
!
line con 0
 password 5152
 login
line aux 0
line vty 0 4
 privilege level 15
 password 5152
 login
 transport input telnet
line vty 5 15
 password 5152
 login
 transport input telnet
!
scheduler allocate 20000 1000
!
end

SIPRNet#

Throw one of your devices on vlan 100 and give it an IP address in that subnet. Set the gateway to your accelerator. Test the connection. I assume there is some way to view connections on the accelerator. If that works, create a user vlan. IP the vlan interface. Make that IP address the default gateway for your users. Place your user interfaces in the newly created user vlan. Enter in the default route in global config mode:

ip route 0.0.0.0 0.0.0.0 10.10.11.2

--Change the 10.10.11.2 to the ip address of your accelerator.
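
An added example, not part of the original thread or any poster's own code: a Python check over a trimmed, constructed copy of the config above that reports each switchport's access VLAN and which connected interface the default route's next hop falls on. The function names, and the assumption that `FastEthernet1/x` are the switch-module ports, are illustrative.

```python
import ipaddress
import re

# Constructed sample: addressing lines from the config posted in this thread, plus
# the reply's default route (10.10.11.2 is its stand-in for the accelerator).
SAMPLE_CONFIG = """\
interface FastEthernet1/0
 switchport access vlan 100
!
interface FastEthernet1/1
!
interface Vlan1
 no ip address
 bridge-group 50
!
interface Vlan100
 ip address 10.10.11.1 255.255.255.0
!
interface BVI50
 ip address 10.10.10.2 255.255.255.0
ip route 0.0.0.0 0.0.0.0 10.10.11.2
"""

def parse_interfaces(config):
    """Return ({interface: IPv4Interface}, {switchport: access VLAN})."""
    addrs, vlans, current = {}, {}, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            current = m[1]
            if current.startswith("FastEthernet1/"):  # assumed switch-module ports
                vlans[current] = 1                    # IOS default access VLAN
        elif not line.startswith(" "):
            current = None                            # left interface sub-mode
        elif current and (m := re.match(r" +ip address (\S+) (\S+)$", line)):
            addrs[current] = ipaddress.ip_interface(f"{m[1]}/{m[2]}")
        elif current and (m := re.match(r" +switchport access vlan (\d+)", line)):
            vlans[current] = int(m[1])
    return addrs, vlans

def default_route_egress(config):
    """Return (next_hop, egress_interface); either is None if unresolved."""
    m = re.search(r"^ip route 0\.0\.0\.0 0\.0\.0\.0 (\d+(?:\.\d+){3})\s*$", config, re.M)
    if not m:
        return None, None          # no default route, or no next-hop address given
    hop = ipaddress.ip_address(m[1])
    for name, iface in parse_interfaces(config)[0].items():
        if hop in iface.network and hop != iface.ip:
            return hop, name
    return hop, None               # next hop is not on a connected subnet
```

On the sample, the next hop resolves to `Vlan100`, while `FastEthernet1/1` stays in VLAN 1 because it has no `switchport access vlan` line.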

chris,

Just an idea!

Can we think of having a trunk-port in place of access-port for the device (if at all its NIC supports dot1q) i.e. by making it a trunk port all vlan traffic should pass through this port, isn't it?

Kindly let me know if it is doable/feasible.

--gaurav
