Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
757
Views
0
Helpful
6
Replies

cisco 2600 router

par13
Level 1
Level 1

‎06-17-2009 04:08 PM - edited ‎03-06-2019 06:19 AM

Need help configuring the cisco 2600 router to make sure the two subnet are directed thru two separate ports to a firewall. Then, from the firewall it connects to my internet service provider.

1) The security levels including port traffic allow individual ips or subnets will be handle at the firewall.

2)I'd like to be able to direct the two individual subnet going out from the router to the firewall thru two separate interfaces.

So, the two subnets comes thru a singel interface in the cisco 2600 router. And, the subnets are routed to navigate thru two separate interfaces.

internal subnets:

(labs)192.168.1.0 /24

(employees) 192.168.2.0 /24

router and switches management subnet:

10.2.1.0 /24

Can you provide cisco router code examples on how to acomplish this goal?

Thanks

Labels:
0 Helpful
6 Replies 6

branfarm1
Level 4
Level 4

‎06-19-2009 07:15 PM

I would use a route map on your router:

access-list 100 permit 192.168.1.0 0.0.0.255

route-map source permit 10

match ip address 100

set ip default next-hop

As long as you have your default route set to the interface for the employees traffic, the route map will catch all of the lab traffic and direct it to the other interface.

Hope that helps

0 Helpful

Laurent Aubert
Cisco Employee
Cisco Employee
In response to branfarm1

‎06-20-2009 09:59 AM

Hi,

set ip default next-hop will policy route the packet only if there is not route available in the RIB.

You need to use the set ip next-hop instead which will do the opposite.

http://www.cisco.com/en/US/tech/tk364/technologies_configuration_example09186a00801f3b54.shtml

HTH

Laurent.

0 Helpful

branfarm1
Level 4
Level 4
In response to Laurent Aubert

‎06-20-2009 10:12 AM

Hey Laurent,

Can you clarify a bit? Assuming his traffic is destined for the internet there wouldn't be a route in the RIB don't you think?

Thanks,

--Brandon

0 Helpful

Laurent Aubert
Cisco Employee
Cisco Employee
In response to branfarm1

‎06-22-2009 05:16 AM

Hi Brandon,

Your solution suggests employee traffic will use a default-route and PBR will focus on LAB traffic. In this case, set ip default next-hop will not forward the lab traffic to another interface if the default route is in the RIB.

Personally, I would use the following config:

route-map PBR permit 10

match ip address

set ip next-hop NH1

!

route-map PBR permit 10

match ip address

set ip next-hop NH2

!

But may be I missed something in your solution Brandon.

HTH

Laurent.

0 Helpful

branfarm1
Level 4
Level 4
In response to Laurent Aubert

‎06-22-2009 05:10 PM

Hi Laurent,

Thanks for clarifying. The reason I'm curious is because I'm using PBR to do pretty much the same thing as what he wants to do and I'm using a default route for half of my traffic. I use PBR on my ISP facing router to seperate traffic between my two ISP's. I match one IP range and send it down one link, and the rest is default routed out the other link.

I like your solution though -- there's no guess work about who goes where.

Thanks,

--Brandon

0 Helpful

mrmanglicmot
Level 1
Level 1

‎06-23-2009 02:30 AM

Is any one has a cisco 2620xm and cisco 2621xm ios software.(c2600-i-mz.123-10.bin)

tnx

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card