We have a cisco router 2821 and a Cisco ASA 5510 firewall.
Router's ADSL interfaces are connected to 2 different ISPs (ISPa - Dialer0 and ISPb - Dialer2).
From ISPb we have 8 public IP addresses. The first is configured on the routers G0/0, the second on the external interface of the ASA firewall. The other IPs are used on firewall rules in ASA firewall so to pass http and smtp traffic from outside to inside (web site and mail server are on LAN). The SMTP and HTTP incoming (from internet) traffic comes from ISPb connection.
We have configured Policy Based Routing on Cisco router so to pass the HTTP outgoing traffic from ISPa connection. All users HTTP requests go through ISPa connection and all other requests go through ISPb connection.
We have used the following commands to accomplish that:
ip nat outside
ip nat inside
route-map HTTP2Vivo permit 10 match ip address HTTP-REQ set interface Dialer0
ip access-list extended HTTP-REQ permit tcp any any eq www permit udp any any eq domain permit tcp any any eq domain
ip nat inside source route-map HTTP2Vivo interface Dialer0 overload
For load balancing and fault tolerance reasons, we want the incoming HTTP traffic to use both ISPs.
We are thinking of adding another A record to DNS that will point to the ISPa public IP connection.
What other steps do we have to take so to achieve this goal?
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...