Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
460
Views
0
Helpful
3
Replies

One Firewall and two routers

a.crippa
Level 1
Level 1

‎06-30-2008 07:36 AM - edited ‎03-03-2019 10:32 PM

Hi to all,

Probably for you is a studip problem, but for me...

I have a Router 2811 configured as firewall and CME, and as gateway to ADSL a router 837 series.

Until yesterday I have only one ADSL, but now we need an other ADSL to split client traffic and server traffic.

I configured an other 837 router to with the ADSL, each adsl had 8 ip subnet.

It is enougth to configure and other ip route with same weight?

Like this:

ip route 0.0.0.0 0.0.0.0 111.111.111.111

ip route 0.0.0.0 0.0.0.0 222.222.222.222

and reconfigure the NAT pool for client?

Thank you very much.

Augusto.

Labels:
0 Helpful
3 Replies 3

mpatus
Level 1
Level 1

‎06-30-2008 09:53 AM

Configuring two equally weighted static routes will cause them to load balance.

If I'm understanding correctly, you want your clients to use one ADSL router and your servers to use the other.

Let's pretend your servers are in the 192.168.1.x range of IPs and your clients are in the 192.168.2.x range of IPs

Try this:

access-list 101 permit ip 192.168.1.0 0.0.0.255 any

access-list 102 permit ip 192.168.2.0 0.0.0.255 any

route-map TEST permit 10

match ip address 101

set ip next-hop 1.1.1.1

route-map TEST permit 20

match ip address 102

set ip next-hop 2.2.2.2

interface f0/0 (whatever your inside interface is)

ip policy route-map TEST

You then no longer need your static route.

0 Helpful

a.crippa
Level 1
Level 1
In response to mpatus

‎07-01-2008 01:25 AM

Hi, you understand perfectly, it seems easy... but now I have also some static NAT/PAT (for servers that I don't want change) and dynamic NAT (for clients).

Then I cannot change IP ranges. Can I make a access-list with subnet like that:

access-list 107 permit ip 192.168.254.192 0.0.0.63 any (all server ip are higher then 192)

access-list 108 permit ip 192.168.254.0 0.0.0.63 any

access-list 108 permit ip 192.168.254.64 0.0.0.63 any

access-list 108 permit ip 192.168.254.128 0.0.0.63 any

route-map TEST permit 10

match ip address 107

set ip next-hop 1.1.1.1 (old adsl)

route-map TEST permit 20

match ip address 108

set ip next-hop 2.2.2.2 (new adsl)

Thank a lot

Augusto

0 Helpful

mpatus
Level 1
Level 1
In response to a.crippa

‎07-01-2008 05:47 AM

Yes those ACLs should work just fine.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card