
Default-route in the network.

Amit Singh2000
Level 1

Hello genius minds.

I have a network of about 50 sites connected via MPLS. We have a default route in the network for Internet access. The company has decided to remove this default route and use a proxy for Internet access for security purposes.

Now, before we remove that, we would like to see what application or who (source IP) is using this default route, so that we can try to see dependencies. How can I achieve this?

Any ideas.

Thanks in advance

Sent from Cisco Technical Support iPad App


Hi Amit,

Your MPLS provider has given you a default route, so that you send any traffic from your CE to the PE (either Internet traffic or intranet traffic).

So whatever traffic originates in all your sites will need that default route to get out of that particular site and go where it has to go. It is the PE which will decide where and how to send that traffic.

HTH,

Smitesh

milan.kulik
Level 10

Hi,

I suppose you are receiving not only the default route from your provider but also routes for your sites?

So it might be possible to configure some ACLs on your CE routers logging packets sent to other destinations than your company IP range.

But the easiest way would be logging the traffic sent to the Internet.

I suppose you are using some FW on your Internet connection?

So why don't you start logging the traffic sent to the Internet and observe the source addresses in your FW log?

HTH,

Milan
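Added example, not part of any reply in this thread: one way to use the ACL-logging idea above is to summarise the router's ACL log messages by internal source, protocol and destination port for destinations outside the company ranges. The internal prefixes, ACL number 150 and the log lines are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Assumption: the company's internal ranges; replace with the real site prefixes.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Matches IOS extended-ACL log messages (IPACCESSLOGP / DP / NP), e.g.
# %SEC-6-IPACCESSLOGP: list 150 permitted tcp 10.1.1.5(51234) -> 203.0.113.10(443), 1 packet
LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOG(?:P|DP|NP): list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\S+) (?P<src>[\d.]+)(?:\((?P<sport>\d+)\))?.*? -> "
    r"(?P<dst>[\d.]+)(?:\((?P<dport>\d+)\))?.*?, (?P<count>\d+) packets?"
)

# Constructed sample log lines (documentation address ranges as Internet destinations).
SAMPLE = """\
Mar  1 10:00:01: %SEC-6-IPACCESSLOGP: list 150 permitted tcp 10.12.4.20(51515) -> 203.0.113.10(443), 1 packet
Mar  1 10:00:07: %SEC-6-IPACCESSLOGP: list 150 permitted udp 10.30.1.5(123) -> 198.51.100.7(123), 4 packets
Mar  1 10:05:01: %SEC-6-IPACCESSLOGP: list 150 permitted tcp 10.12.4.20(51515) -> 203.0.113.10(443), 12 packets
Mar  1 10:05:09: %SEC-6-IPACCESSLOGDP: list 150 permitted icmp 10.30.1.5 -> 198.51.100.7 (8/0), 2 packets
Mar  1 10:06:00: %SEC-6-IPACCESSLOGP: list 150 permitted tcp 10.12.4.20(40000) -> 10.1.1.1(445), 3 packets
"""

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL)

def default_route_users(lines):
    """Return {(src, proto, dport): packets} for internal hosts reaching non-company destinations."""
    usage = Counter()
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # not an ACL log message
        if is_internal(m["dst"]) or not is_internal(m["src"]):
            continue  # intranet traffic, or a source that is not one of our hosts
        # dport is None for protocols without ports (e.g. ICMP)
        usage[(m["src"], m["proto"], m["dport"])] += int(m["count"])
    return usage

if __name__ == "__main__":
    for (src, proto, dport), pkts in default_route_users(SAMPLE.splitlines()).most_common():
        print(f"{src:15} {proto:5} {dport or '-':>5} {pkts} packets")
```

Logged packet counts are rate-limited samples on the router, so treat the totals as an indication of which sources and ports depend on the default route rather than as exact traffic volumes.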

Hi Amit,

If we have something like IP accounting with an access-list, then you may see which sources accessed the Internet.

You can apply this feature on your central site's connecting interface towards the provider. You can put in all networks other than those owned by your company (I mean Internet destinations).

If I am not wrong, maybe NetFlow can also help you to achieve what you want.

I have not implemented this, so you can search the Internet for such features.

Regards

Mahesh

Hi Amit,

It seems your setup looks like that of one of my customers, who has the same kind of setup.

It is like this: they have only an MPLS connection at each site and have an Internet connection at their HQ. So what they did is route all required/known traffic to the rest of the sites and to HQ over MPLS, and point the default-route/unknown/Internet traffic to the HQ gateway, so that the other MPLS-connected sites can get Internet access from their HQ site.

Is that what your setup is?

Please rate the helpful posts.
Regards,
Naidu.
