cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
552
Views
0
Helpful
16
Replies

Hi Experts

habibnoubissi
Level 1
Level 1

please is it possible to configure 2 default route in a router?

16 Replies 16

Jon Marshall
Hall of Fame
Hall of Fame

Habib

Yes it is perfectly possible to have 2 default routes on a router. The router will load-balance across the 2 routes (providing it does not find a more specific route in the routing table).

Jon

Thank you Jon for your answer,

in the attached file, you have the architecture of my network:

-R1 connects the other branches to the HQ via MPLS and those branhes go to the internet trhough R1 (in R1 I have 2 interfaces dialer: dialer0 for internet access and dialer1 for MPLS)

-R2 connects the HQ to the internet

But now I want that all my internet traffic passes trougth ASA and for that, I want to shutdown dialer0 in R1 and configure in it a second default route towards ASA.

please I want to know if this would work.

Thank you

Habib

Unfortunately can't read visio files, can you post as a .jpg/.png

Jon

the attached document is in .gif format hope that you can open it

Thank you

So what does the first default-route on R1 point to ?

Jon

Hi Mr Jon,

the first default-route on R1 point to dialer0.

Now I have to ISP, the first one is connectected trough R1 and the second one trough R2, I want to cancel the contract with the first one (contract of internet provider but maintain the contract of MPLS because I am using its infrastructure for MPLS) and maintain the second ISP for internet access.

Thank you, and il will please to read you.

Regards

Habib

Okay 2 default-routes won't work because the router will not know whether to send the packet via MPLS or to the internet.

So

1) the default-route must be used for Internet traffic because the destination address could be anything -

ip route 0.0.0.0 0.0.0.0

2) You will need more specific routes for your branch networks that are reachable via MPLS. So on R1 you would need to add routes for all branch networks eg.

ip route 192.168.5.0 255.255.255.0

etc...

If you have summarised your network hopefully there won't be too many entries.

Jon

Thank you very much for your answer

In R1 I have have already add routes to all my branch networks and those routes are like this:

ip route 172.16.2.0 255.255.255.0 dialer1

ip route 172.16.3.0 255.255.255.0 dialer1

etc...

In R1, I will disable the existing default route which is:

ip route 0.0.0.0 0.0.0.0 dialer0

and replace it by

ip route 0.0.0.0 0.0.0.0

I will get you know.

Regards

Habib

No problem, let me know how you get on.

Jon

hi M. Jon

I changed the default route in R1, and from R1 I reach the DNS of the second ISP trough R2, but when I log in the router of one of my branches I did'nt reach that DNS consequently the computers behind this router don't get access in the internet, please help me to solve this problem.

int the ASA, I have built these dynamics NAT

nat (inside) 1 network_address_branch_1

nat (inside) 1 network_address_branch_2

etc...

global (outside) 1 x.x.x.y - x.x.x.z

regards

hi habib,

are x.x.x.y-x.x.x.z your public IPs? Where r u translating for Internet access? How many Public IP addresses do you have for internet?

In the above configuration if you are specifying public IP in global(outside). Only z-y inside host will be able to access internet.

So, could you please clear, where r u translating for internet access in router R2 or ASA outside interface.

hi roshan

I have one public address for internet and the translation for internet is made on R2.

Rgards

Hi Habib,

I have pasted sample configuration that resembles your network.

! The following are the assumption with IP addresses

! Router R2 [fa0/0]internet address=192.168.10.2 and gateway address=192.168.10.1

! Branch Networks: Branch_A =172.22.10.0/24, Branch_B=172.22.15.0/24

! R2 inside address: 172.16.10.1

! ASA outside address: 172.16.10.2, inside addresss: 172.16.20.1

! Router R1 inside address 172.16.20.2,

!

!=================================================================

! R2 configuration

ip route 0.0.0.0 0.0.0.0 192.168.10.1

ip route 172.22.0.0 255.255.0.0 172.16.10.2

ip route 172.16.20.0 255.255.255.0 172.16.10.2

!

ip access-list extended internet_access

permit ip 172.22.10.0 0.0.0.255 any

permit ip 172.22.15.0 0.0.0.255 any

!

ip nat inside source list internet_access interface fastethernet 0/0 overload

ip nat inside source static 172.16.15.20 192.168.10.20

!

===============================================================

!

! ASA configuration : assuming nat-control is enabled

!

!

no nat-control

!

route outside 0.0.0.0 0.0.0.0 172.16.10.1

route inside 172.22.0.0 255.255.0.0 172.16.20.2

!

!

====================================================================

!

! R1 configuration

!

!

ip route 172.22.0.0 255.255.0.0 dialer1

ip route 0.0.0.0 0.0.0.0 172.16.20.1

!

!

==================================================================

thank you M. Roshan, thank you for your answer, I will try to apply ur sample configuration and let u know; but I also want to controled internet access on my ASA (not all computers have access to the internet), between R2 and ASA I have this network 172.16.254.0/24 which can permit me to do static nat on ASA for computers which have access to the internet, does this configuration work?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: