I hope any one will assist me in this mysterious issue which i had in this lab , i was watching C B T N u g g e t s for CCNP and in the video of " 24- Path Control " after making the configuration step by step with the instructor i found that " Client1 " can reach to " ISP1 " normally however we should done some configuration must prevent this from happening , so i will be glad if any one can assist me as i am still revising & revising but i couldn't know where is the error ,
This is the topic of the Video
Policy-Based Routing Lab
Your organization is implementing a dual ISP setup should be tightly controlled. They have requested the following parameters:
Client1 surfs the Internet all day doing nothing productive. All traffic from this client should route out ISP2, which is a slower Internet connection. If ISP2 is down, Client1 should not be able to access the Internet.
Client2 handles sophisticated transactions. Both Telnet and HTTPS traffic should route towards ISP1, which is the more reliable connection. All other traffic from Client2 should route out ISP2.
Traffic from other clients (not shown in this diagram) should route out ISP2.
Traffic originating from the PolicyRouter should prefer ISP1 but should fail over to ISP2 should ISP1 be unavailable. Verify ISP1 is available using proactive testing techniques.
To accomplish these objectives, you may create no more than two route-maps and three access-lists.
1. Telnet from Client1 to ISP2 (188.8.131.52). The telnet session should connect to the ISP router; likewise, you should be able to verify traffic by using the show route-map command on the PolicyRouter. You can also verify by traffic by viewing the logging buffer on ISP2. Performing a telnet session to ISP1 (184.108.40.206) should fail (simply because ISP1 and ISP2 have no knowledge of each other).
2. Telnet from Client2 to ISP1 (220.127.116.11) using TCP port 23 and 443 (telnet 18.104.22.168 443). Both sessions should connect. You can validate the path used through the same process as Client1. Telnet to ISP2 using TCP port 80 (telnet 22.214.171.124) to validate alternate path routing. Telnetting to ISP2 using port 23 or 443 should fail (since traffic will be policy routed to ISP1 who has no knowledge of ISP2).
3. To test traffic originating from the router, issue pings to ISP1 (these should succeed), then ping ISP2 (these should fail). Verify that ISP1 received the packets by viewing the logging buffer. Shut down the interface to ISP1 and then ping ISP2; the pings should succeed.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...