Wondering if someone can assist with a config I need to put together in the next few weeks.
Situation is this:
Cisco 2851 Router with 3 x ADSL interfaces
Reason behind the 3 x ADSLs is the following:
1 x ADSL (512k/512k) to be used for VoIP traffic
1 x ADSL (512k/512k) to be used for MS SQL traffic
1 x ADSL (8000k/384k) to be used for everything else
Each of these ADSLs will need a site-to-site IPSEC connection back to our main site (terminating on a 3rd party firewall). My question is how should I go about configuring the ADSL interfaces so that only the specified traffic types travel down the correct link?
And if you were wondering why we are looking at doing this on a 2851 it's because the 4th interface is a VIC2-2BRI, and the router is going to be doing SRST (supporting approx 60 VoIP phones).
Any suggestions/comments/example configs would be greatly appreciated.
I've started building a config for this and have struck a potential problem.
When you define each of the three crypto-maps you need to define a 'match' statement which points to an ACL. If the route-maps are matching based on protocol, how should I look at matching the crypto-maps?
Also is it possible to have a different pre-shared key for each ipsec tunnel?
I'd suggest for your mapping on the crypto-maps for your router, match via protocol/ports. You know your SQL is bound to port 1433 or something like that, and it's a TCP protocol. Your VoIP will fall on certain ports and use UDP... make sure and include your skinny protocol in there as well.
After that, I think you can gather all the traffic that's left... you'd just deny the other two from the access-list you're using for your bulk traffic.
And I do believe you can have a different pre-shared key since you'll have 3 different crypto-maps. I think, but don't quote me on that.
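The approach suggested in the reply above, sketched as an IOS configuration (an added example, not posted by anyone in the thread). All addresses, key strings, interface names and ACL names are placeholders; it assumes the SQL server and call control sit at the main site, SCCP on TCP 2000, RTP on UDP 16384-32767, SQL on TCP 1433, and one peer address per tunnel on the main-site firewall.

```cisco
! Constructed values: branch LAN 10.1.0.0/16, main site 10.10.0.0/16, peers 203.0.113.1-3
crypto isakmp policy 10
 encryption aes
 authentication pre-share
 group 2
crypto isakmp key <VOIP-PSK> address 203.0.113.1
crypto isakmp key <SQL-PSK> address 203.0.113.2
crypto isakmp key <BULK-PSK> address 203.0.113.3
crypto ipsec transform-set TS esp-aes esp-sha-hmac
ip access-list extended VPN-VOIP
 permit tcp 10.1.0.0 0.0.255.255 10.10.0.0 0.0.255.255 eq 2000
 permit udp 10.1.0.0 0.0.255.255 10.10.0.0 0.0.255.255 range 16384 32767
ip access-list extended VPN-SQL
 permit tcp 10.1.0.0 0.0.255.255 10.10.0.0 0.0.255.255 eq 1433
! Bulk ACL: exclude the two classes above, then take everything else to the main site
ip access-list extended VPN-BULK
 deny tcp 10.1.0.0 0.0.255.255 10.10.0.0 0.0.255.255 eq 2000
 deny udp 10.1.0.0 0.0.255.255 10.10.0.0 0.0.255.255 range 16384 32767
 deny tcp 10.1.0.0 0.0.255.255 10.10.0.0 0.0.255.255 eq 1433
 permit ip 10.1.0.0 0.0.255.255 10.10.0.0 0.0.255.255
crypto map CM-VOIP 10 ipsec-isakmp
 set peer 203.0.113.1
 set transform-set TS
 match address VPN-VOIP
crypto map CM-SQL 10 ipsec-isakmp
 set peer 203.0.113.2
 set transform-set TS
 match address VPN-SQL
crypto map CM-BULK 10 ipsec-isakmp
 set peer 203.0.113.3
 set transform-set TS
 match address VPN-BULK
route-map LINK-SELECT permit 10
 match ip address VPN-VOIP
 set interface Dialer1
route-map LINK-SELECT permit 20
 match ip address VPN-SQL
 set interface Dialer2
ip route 203.0.113.1 255.255.255.255 Dialer1
ip route 203.0.113.2 255.255.255.255 Dialer2
ip route 203.0.113.3 255.255.255.255 Dialer3
ip route 0.0.0.0 0.0.0.0 Dialer3
interface Dialer1
 crypto map CM-VOIP
interface Dialer2
 crypto map CM-SQL
interface Dialer3
 crypto map CM-BULK
interface GigabitEthernet0/0
 ip policy route-map LINK-SELECT
```

The firewall at the main site has to mirror the three ACLs as its traffic selectors, so check that it supports port-level selectors before committing to this design. `crypto isakmp key ... address` is looked up by peer address, so if all three tunnels terminate on a single firewall address, this form gives the router one key for all of them.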