Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Lease line and ADSL

Dear Sir/Madam,

My network as follows:

ISA 2004-10.0.0.1----10.0.0.2-Router 1841--

-----------lesse line

I

-----------ADSL

I want all users access internet through ISA 2004, all traffic out to lease line and only web &FTP traffic out to ADSL.

I configured but not run.

Can you help me!

Thanks a lot,

Nhuong Pham

Current configuration : 2318 bytes

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname VTI

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

!

username xxx privilege 15 secret xxxx

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no aaa new-model

ip subnet-zero

ip cef

!

!

!

!

ip domain name vti.com

ip name-server 203.162.4.1

ip name-server 203.113.131.1

vpdn enable

!

vpdn-group pppoe

request-dialin

protocol pppoe

!

no ftp-server write-enable

!

!

!

!

interface FastEthernet0/0

description connected to EthernetLAN

ip address 10.0.0.2 255.0.0.0

ip nat inside

ip tcp adjust-mss 1452

ip policy route-map TRAFFIC

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0/0

description connected to VDC

ip address 222.x.x.x.255.255.252

ip nat outside

!

interface ATM0/1/0

description connected to Viettel

ip address dhcp hostname viettel

ip helper-address 203.113.131.1

no atm ilmi-keepalive

dsl operating-mode auto

pvc 8/35

pppoe-client dial-pool-number 1

!

!

interface Dialer1

ip address negotiated

ip mtu 1452

ip nat outside

encapsulation ppp

dialer pool 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname xxx

ppp chap password xxx

ppp pap sent-username xxx password xxx

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 0.0.0.0 0.0.0.0 Serial0/0/0

ip http server

ip http authentication local

ip http timeout-policy idle 600 life 86400 requests 10000

ip nat inside source list 5 interface Dialer1 overload

ip nat inside source static 10.0.0.1 222.255.74.108

!

!

access-list 5 permit 10.0.0.0 0.0.0.255

access-list 101 permit tcp any any eq ftp

access-list 101 permit tcp any any eq www

access-list 102 permit ip any any

dialer-list 1 protocol ip permit

snmp-server community string RO

snmp-server enable traps tty

route-map TRAFFIC permit 10

match ip address 101

set interface Dialer1

!

route-map TRAFFIC permit 20

match ip address 102

set interface Serial0/0/0

!

!

control-plane

!

!

line con 0

login local

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet

line vty 5 15

privilege level 15

login local

transport input telnet

!

end

1 REPLY
VIP Purple

Re: Lease line and ADSL

Hello,

can you specify what is not working ? Your config looks ok, provided the clients send their web traffic to the ISA server first, and the ISA server then sends the web traffic to FastEthernet0/0.

A possible problem might be that you send www traffic out the ADSL interface, but not DNS traffic (which is necessary to resolve web addresses). Can you try and add the following to access list 101:

access-list 101 permit tcp any any eq 53

and see if that makes a difference ?

Regards,

GP

180
Views
0
Helpful
1
Replies
CreatePlease to create content