I am after configuring 2 ISP connections on my perimeter router; the connection from ISP A is to be dedicated for regular users internet access and for some servers' inbound access. On the other hand, connection from ISP B is dedicated for VIP users internet access and for VIP servers' inbound access.
I have a PIX FW running ver 6.3 behind the router. Now, as you know each ISP is giving a different public address range so what is the best configuration to control the traffic in the way I need ?
I have already tried to configure 2 connections b/ the router and the PIX, each is having the public range from different ISP, but since the PIX doesnt do source-based routing as in the router so I faced problems because always the traffic is routed to the default route which is in my case ISP A!!
I am thinking of configuring NATing for traffic intended for ISP B on the router itself on a loopback interface in the following manner:
-there is only one link b/ the router and the PIX which has ISP A public address
- A loopback on the router has ISP B public range.
- All the servers are on the same DMZ on the PIX
- Servers intended on ISP A will be NATed normally on the PIX iteself
- Servers and traffic intended for ISP B will be NATed 1st on the PIX and then on the router's loopback interface.
Please give me your recommendations and advise whether there are other scenarios for achieving what I am after or whether there is a way to achieve this on the PIX.
Re: Configuring 2 ISP Connections on the same Router
PIX does not support PBR and the public IP ranges from both ISPs are on 2 different PIX outside interfaces (i.e. I have 2 outside connections b/ the router and the PIX each is for different ISP) but with this configuration the PIX keeps routing traffic to the default route completely ignoring the other in case of outbound traffic.
I am thinking of configuring a loopback interface having the IP address of ISP B while ISP A is configured on a physical interface on my router since it can support PBR. I will implement this in the way I explained in my previous post, can you pls confirm whether that configuration will help?
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.