cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
405
Views
0
Helpful
6
Replies

Isolating WAN traffic

garyrivers
Level 1
Level 1

we have a 6 mg WAN pipe and a DSL connection would like to isolate the traffic to either the 6mg or the DSL by protocol or destination.

is anyone moving WAN traffic like that?

Thanks, Gary

6 Replies 6

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Gary,

in the outbound direction towards internet you can use PBR to use different criteria then just destination based routing.

PBR= policy based routing uses route-maps and the command has to be applied on the lan interface(s) that receive the traffic to be sent outbound.

the route-map can reference an extended ip access-list where you can define what protocols you want to reroute.

Example:

access-list 125 permit tcp any any eq 80

route-map pbr-web permit 10

match ip address 125

set ip next-hop next-hop.on.-adsl

what doesn't need to be rerouted can use normal routing and what doesn't match the route-map is not dropped but routed normally

on lan interface

int fas0/0

ip policy route-map pbr-web

For the traffic inbound coming from internet much less control is possible.

Hope to help

Giuseppe

route-map pbr-web permit 10

match ip address 125

set ip next-hop next-hop.on.-adsl

next-hop.on.-adsl = the IP of my DSL interface connected to my LAN, correct?

Hello Gary,

the next-hop ip address must be that on the other end of the DSL link not the one on your router : it is the same ip address you would use as next-hop in a static route.

otherwise you can use set interface name the name of your DSL interface that would be atm0 or atm0/0 or similar.

Hope to help

Giuseppe

We have an ASA 5505 between the cable modem and the path that we want some traffic to go out of. the ASA's interface that's connecting to the house router is called KWCH_LAN.

Hello Gary,

in this case the ip next-hop is that of the ASA 5505 towards the router where you want to configure PBR.

But the ASA needs to send out to the cable modem everything it receives in the internal lan interface (a default-route pointing to the cable-modem)

Hope to help

Giuseppe

okay, it's getting clearer.

i'll take a look at it.

Thanks for your help.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: