cisco 2600 router

Unanswered Question

Need help configuring the cisco 2600 router to make sure the two subnet are directed thru two separate ports to a firewall. Then, from the firewall it connects to my internet service provider.

1) The security levels including port traffic allow individual ips or subnets will be handle at the firewall.

2)I'd like to be able to direct the two individual subnet going out from the router to the firewall thru two separate interfaces.

So, the two subnets comes thru a singel interface in the cisco 2600 router. And, the subnets are routed to navigate thru two separate interfaces.

internal subnets:

(labs) /24

(employees) /24

router and switches management subnet: /24

Can you provide cisco router code examples on how to acomplish this goal?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
branfarm1 Fri, 06/19/2009 - 19:15

I would use a route map on your router:

access-list 100 permit

route-map source permit 10

match ip address 100

set ip default next-hop

As long as you have your default route set to the interface for the employees traffic, the route map will catch all of the lab traffic and direct it to the other interface.

Hope that helps

branfarm1 Sat, 06/20/2009 - 10:12

Hey Laurent,

Can you clarify a bit? Assuming his traffic is destined for the internet there wouldn't be a route in the RIB don't you think?



Laurent Aubert Mon, 06/22/2009 - 05:16

Hi Brandon,

Your solution suggests employee traffic will use a default-route and PBR will focus on LAB traffic. In this case, set ip default next-hop will not forward the lab traffic to another interface if the default route is in the RIB.

Personally, I would use the following config:

route-map PBR permit 10

match ip address

set ip next-hop NH1


route-map PBR permit 10

match ip address

set ip next-hop NH2


But may be I missed something in your solution Brandon.



branfarm1 Mon, 06/22/2009 - 17:10

Hi Laurent,

Thanks for clarifying. The reason I'm curious is because I'm using PBR to do pretty much the same thing as what he wants to do and I'm using a default route for half of my traffic. I use PBR on my ISP facing router to seperate traffic between my two ISP's. I match one IP range and send it down one link, and the rest is default routed out the other link.

I like your solution though -- there's no guess work about who goes where.



mrmanglicmot Tue, 06/23/2009 - 02:30

Is any one has a cisco 2620xm and cisco 2621xm ios software.(c2600-i-mz.123-10.bin)



This Discussion