Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need route map examples

Hi;

I have a 2691 router with 4 fastethernet and 2 T1 cards. One serial port is my production WAN hosting my GRE/VPN interoffice connections. Two fast ethernet ports are part of my DMZ. fa1/0 is attached to my DMZ switch, and fa1/1 is cnnected to a 2503 e0 router, which the s0 on this 2503 hits te Internet.

I currently have "ip policy route-map BYPASS_VPN" in my interface fa1/0 and a route map with the next hop defined as well.

This all works fine.

I now need to initiate from within my DMZ an ftp session into my production network, so the next hop will not be my DMZ router.

Can anyone supply me with some examples as to how you folks do this?

Regards

Jeff

2 REPLIES

Re: Need route map examples

Can you paste your configs. Why do you have a route-map in the first place, when you could run routing protocol over the GRE/VPN topology to know about routes in your production network, while have a default route to 2503 for Internet traffic ?

New Member

Re: Need route map examples

Hi;

The reason why I have a second T1 line is this:

I have an application that utilizes 100% of circuit capacity. This application, when launched, killed my production T1 link. The work around was to implement a second T1 line and use this link solely for this business application. Now, I call this segmented network DMZ. In addition to me launching this killer application to an Internet based customer facility, I have a need to ftp to one of my internal machines. I do not advertise DMZ IP address space on my inside network, so yes, I can get to the inside FTP server, but the return path isn't known, and I do not want to use static routes. Therefore I'm looking at a nat statement and an access list.

Ideas?

Jeff

308
Views
0
Helpful
2
Replies
CreatePlease login to create content