Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Help with network design for school wan

Hi There,

I'm not entirely sure about what solutions are available for this design. Any guidance would be greatly appreciated.

[school wan] ---> [3560G] --> (P1_7606) [MPLS Cloud] (P2_7606) --> WWW

The school wan encompasses a number of schools. They want to use us (the service provider) for Internet traffic but have all school traffic not go beyond the Cisco 3560G switch unless it's Internet traffic.

My Manager suggested we create a "virtual router" for them - by this I wasn't sure if he meant that we use vrf-lite or if we set them up on our MPLS network.

Are we best to we use vrf-lite and create a vrf locally on the 3560G and establish some route leaking for internet traffic or do we encompass them into our MPLS network (not sure which way is better). We run a mixture IP and MPLS within our core network if that helps. Or is there a better solution out there?

Thanks.

Andy

1 REPLY
Hall of Fame Super Bronze

Re: Help with network design for school wan

How about outbound filtering on the school private subnet with a permit ip any any at the end of the ACL?

For instance, school private subnet 10/8

ip access-list extended INTERNET

deny ip any 10.0.0.0 0.255.255.255

permit ip any any

interface fx/x or svi x/x

ip access-group INTERNET out

__

Edison.

261
Views
4
Helpful
1
Replies
CreatePlease to create content