Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Lease line and ADSL

Dear Sir/Madam,

My network as follows:

ISA 2004- 1841--

-----------lesse line



I want all users access internet through ISA 2004, all traffic out to lease line and only web &FTP traffic out to ADSL.

I configured but not run.

Can you help me!

Thanks a lot,

Nhuong Pham

Current configuration : 2318 bytes


version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption


hostname VTI





logging buffered 51200 warnings


username xxx privilege 15 secret xxxx

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no aaa new-model

ip subnet-zero

ip cef





ip domain name

ip name-server

ip name-server

vpdn enable


vpdn-group pppoe


protocol pppoe


no ftp-server write-enable





interface FastEthernet0/0

description connected to EthernetLAN

ip address

ip nat inside

ip tcp adjust-mss 1452

ip policy route-map TRAFFIC

duplex auto

speed auto


interface FastEthernet0/1

no ip address


duplex auto

speed auto


interface Serial0/0/0

description connected to VDC

ip address 222.x.x.x.255.255.252

ip nat outside


interface ATM0/1/0

description connected to Viettel

ip address dhcp hostname viettel

ip helper-address

no atm ilmi-keepalive

dsl operating-mode auto

pvc 8/35

pppoe-client dial-pool-number 1



interface Dialer1

ip address negotiated

ip mtu 1452

ip nat outside

encapsulation ppp

dialer pool 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname xxx

ppp chap password xxx

ppp pap sent-username xxx password xxx


ip classless

ip route Dialer1

ip route Serial0/0/0

ip http server

ip http authentication local

ip http timeout-policy idle 600 life 86400 requests 10000

ip nat inside source list 5 interface Dialer1 overload

ip nat inside source static



access-list 5 permit

access-list 101 permit tcp any any eq ftp

access-list 101 permit tcp any any eq www

access-list 102 permit ip any any

dialer-list 1 protocol ip permit

snmp-server community string RO

snmp-server enable traps tty

route-map TRAFFIC permit 10

match ip address 101

set interface Dialer1


route-map TRAFFIC permit 20

match ip address 102

set interface Serial0/0/0






line con 0

login local

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet

line vty 5 15

privilege level 15

login local

transport input telnet



VIP Purple

Re: Lease line and ADSL


can you specify what is not working ? Your config looks ok, provided the clients send their web traffic to the ISA server first, and the ISA server then sends the web traffic to FastEthernet0/0.

A possible problem might be that you send www traffic out the ADSL interface, but not DNS traffic (which is necessary to resolve web addresses). Can you try and add the following to access list 101:

access-list 101 permit tcp any any eq 53

and see if that makes a difference ?



CreatePlease to create content