Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
239
Views
0
Helpful
1
Replies

CBAC and multihoming

tcherkon
Level 1
Level 1

‎11-30-2005 02:58 AM - edited ‎03-09-2019 01:11 PM

Hello!

We have a network that is connected to two ISPs. Each ISP connection uses its own PIX firewall. Those firewalls are both connected to a single router through separate interfaces. Also we have a server connected to the same router.

Then a number of external users make their connections to our server from outside. Some of those connections go through ISP1 and PIX1 while the others go through ISP2 and PIX2.

The question is: how to configure router so that it route backward traffic to the right interface?

For instance: if incoming packet was from ISP1 then reply from server to client should go through PIX1 as well. If the router send reply through PIX2 the session will break hence PIX1 cannot track the session.

I can call this task 'stateful routing' or 'CBAC in multihoming environment'. Is there any Cisco feature that can handle this problem?

Thanks in advance!

Labels:
0 Helpful
1 Reply 1

nkhawaja
Cisco Employee
Cisco Employee

‎11-30-2005 11:53 AM

hi,

we need to look into policy based routing. we somehow have to classify the traffic coming from one ISP and then route the return traffic back to the same ISP

look at this link

http://www.cisco.com/warp/public/732/Tech/plicy_wp.htm

thanks

Nadeem

0 Helpful
Customers Also Viewed These Support Documents