Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Internet access

Here's my situation. I have 2 trunked switches.... One 6513 switch/with MSFC & a 6509 L2 swtich. The MSFC is set up with a couple of static routes and a default route that points to a router that provides

internet access for the entire organization. I'd like to provide pc's(VLAN8) on the L2 switch with the ability to use a different default route to a second router that would provide external Inet access. Can I enter another default route on the MSFC on the 6513 for the devices on VLAN8? Or will this conflict with the default route already on the MSFC?

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: Internet access

Sounds like you're actually looking for Policy Based Routing (PBR). On the default gateway for vlan8 pc's configure pbr to set next hop of your second router for vlan8 external internet traffic.

Re: Internet access

Hi,

1) Are you sure the

access-list 4 permit vlan8_gateway is correct?

I think it should be

access-list 4 permit vlan8_IP_subnet wildcard

i.e. access-list 4 permit 10.8.0.0 0.0.255.255

if you are using 10.8.0.0 subnet for your VLAN8.

2) Wouldn't it be more correct to configure the second router IP address as the default gateway on the PCs in VLAN8?

Regards,

Milan

5 REPLIES
Cisco Employee

Re: Internet access

Sounds like you're actually looking for Policy Based Routing (PBR). On the default gateway for vlan8 pc's configure pbr to set next hop of your second router for vlan8 external internet traffic.

New Member

Re: Internet access

i've tried to set it as follows with no success..

------------------------------------------------

access-list 4 permit vlan8_gateway

!

interface vlan8

ip policy route-map test

!

route-map test permit 10

match ip address 4

set ip default next-hop 2nd_router_address

-----------------------------------------------

Re: Internet access

Hi,

1) Are you sure the

access-list 4 permit vlan8_gateway is correct?

I think it should be

access-list 4 permit vlan8_IP_subnet wildcard

i.e. access-list 4 permit 10.8.0.0 0.0.255.255

if you are using 10.8.0.0 subnet for your VLAN8.

2) Wouldn't it be more correct to configure the second router IP address as the default gateway on the PCs in VLAN8?

Regards,

Milan

Bronze

Re: Internet access

Seems like this solution will make all traffic from vlan 8 go to the internet. If they need to access other nets at your site you need to test on the destination not the source. Make a list of local nets and if it does not match implement the policy.

New Member

Re: Internet access

THANKS EVERYONE!! Actually the PBR solution is just what I needed. WORKS GREAT.

105
Views
0
Helpful
5
Replies
CreatePlease login to create content