Secondary Internet Connection

cowsis300 · ‎05-23-2008

Currently we have a single T1 which comes into a 1800 series router which from there feeds our PIX 515E. We utilize this circuit for all core services. We are looking at possibly brining online a spare PIX with a secondary internet connection and routing all http/https traffic through this device to try and free up some bandwidth on the T1. I am very limited in what I have on my infrastructure in the way that prior to my arrival the infrastructure was built solely upon 3750 E's running as L3 switches. I was thinking the best bet would be to create some type of policy based route map and setting the next hop with in it to that of the second PIX. Anyone ever setup some thing along these lines? Any suggestions would be great.

Thanks

ohassairi · ‎05-25-2008

first: if you think http is not important in your company, you can use QoS to limit navigation bandwidth. if yes, this is an other subject to discuss.

but if you think users need a confortable http access, then

the solution you can use (and that can save the new PIX price) is to :

-add just a new internet connection to the same 1800 rtr. this connection will be dedicated to http.

-configure PIX to NAT http users with a particular public IP and use PBR to route users via new connection. if you have no free public IP, let the PIX making no NAT and let the rtr make the NAT.

cowsis300 · ‎05-25-2008

I think I forgot to mention that the router in my office is not managed by myself rather they pay for a managed service on it. I suggested the PIX since we have a spare which we use in the lab that could be deployed if needed. My options would be to use the PIX or possibly acquire a router to use for the internet connection. Do you have any documents on setting something like this up?

Thanks