Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

lost on WAN setup

Hi guys,

I have some changes on my network and i am trying to figure out a way to get it work. but I must say i am a bit lost.

I was given this requirements:

1) connect to 2 MPLS providers

2) Traffic that doesnt require to be NATed is send out the MPLS router, those required to be NATed is send via NAT router.

3) when one MPLS provider down, the traffic should be automatically routed to the second MPLS provider.

4) load sharing on both MPLS link.

5) all traffic must pass through the Riverbed optimizer.

The MPLS router will run BGP. All sites are isolated network, SiteA will link to mpls1, siteB will link to mpls2. The GRE tunnel is meant to connect sites that are using conflicting IP addresses with the rest of the sites but not among themselves.

I have done some reading but I am not sure if this is going to work. Attached is the diagram of the setup. I would appreciate any comments and if possible, pointing me to the right info to get this network running.

Thank you,


Hall of Fame Super Gold

Re: lost on WAN setup


Honestly the task you've been given is at level of a CCIE routing, or someone with equivalent experience. Both figures would probably need a fair amount of studying and testing to get it right in all aspects.

I would consider hiring a reputable professional for your design.

New Member

Re: lost on WAN setup

1. Looks like you are already connected to the two MPLS providers.

2. You need to configure a policy map to match an acl for interesting traffic for NAT. This means configure an access list that matches traffic that is to be natted. Then apply this to a policy to a route map that point that traffic to the NAT router with a cost of 10.

3. If you are running an IGP between Site A and Site B 3845 routers, ensure that the "default information originate" is configured on both routers.

4. You cant load share across two routers as in this design. You would need a device that has a physical connection to router A and B and can use dCEF to load share on links. You can use technologies such as dCEF, dMLPP to load share, but you can only load share acorss links on the same physical box.

5. If you have your default route is pointing to the river bed devices above your 3845's you should be fine.

Also I would need the configuration of the 3845's to be able to give you more info.

Dr. Rajinder Uppal