Cisco Support Community

New Member

Next Hop for certain servers?

In my network, we have three firewalls for outgoing connections: two on a T1, one on business cable.

All servers are NAT'd through the two on the T1, call 'em pix1 and pix2. All user internet goes out through pix3 on the cable connection. All of this can be handled by my default router (a 2600) on the network. All of these appliances are on the same subnet.

Is there a way that I can keep the 2600 as the default route for everything, but have pix1 specified as the next hop through the 2600 for some servers, pix2 for others, and pix3 for everything else?

Thanks in advance

5 REPLIES

Re: Next Hop for certain servers?

Yes, you can configure PBR on your 2600 to route traffic based on different criteria, including source/destination address, source/destination ports and many others.

Here's a couple of links from CCO. A search of CCO for PBR should bring up many more links.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800c75d2.html

http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml

Pls. rate the post if it helped.

HTH,

Sundar

New Member

Re: Next Hop for certain servers?

Having a hard time finding any examples for my needs specifically.

best example, using a 192.168.1.0/24 net

2600 is 192.168.1.1

pix1 is 192.168.1.2

pix2 is 192.168.1.3

server1 is NAT'd through pix1, but has to route traffic to elsewhere on our WAN (say 192.168.2.0/24) but has some hits coming to it through pix1 from the internet.

Can anyone give me any examples on how something like this could be done?

Thanks again

New Member

Re: Next Hop for certain servers?

Hi,

Incoming internet traffic always depends on how you want it to come in. Suppose you have a subnet of public IP addresses, 2.2.2.0/24; then, if you want incoming internet traffic to come in through the 1st T1, publish that network to that provider.

HTH

New Member

Re: Next Hop for certain servers?

Perhaps I wasn't clear enough; I think you misunderstood.

I'll expand my example.

-begin previous example-

best example, using a 192.168.1.0/24 net

2600 is 192.168.1.1

pix1 is 192.168.1.2

pix2 is 192.168.1.3

server1 is NAT'd through pix1, but has to route traffic to elsewhere on our WAN (say 192.168.2.0/24) but has some hits coming to it through pix1 from the internet.

Add in that the 2600 has routes to all of my other networks (say 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24) and a default route to a user cable internet connection on pix2.

My public IPs are NAT'd through pix1, and pix2 serves for my outgoing users' internet.

thanks for any help

New Member

Re: Next Hop for certain servers?

Strange, it reposted an earlier post; please ignore this.
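A PBR configuration for the topology described in this thread, as an added example that is not part of any post above. The server addresses (192.168.1.10, 192.168.1.20), the interface name and the route-map name are assumptions; the router, PIX and WAN addresses are the ones given in the thread.

```cisco
! Assumed (not from the thread): server1 = 192.168.1.10 (uses pix1),
! server2 = 192.168.1.20 (uses pix2), LAN interface = FastEthernet0/0.
!
! ACL 101: server1 traffic that must leave through pix1.
! Internal WAN destinations are denied first so they are NOT policy
! routed and keep following the 2600's normal routing table.
access-list 101 deny   ip host 192.168.1.10 192.168.2.0 0.0.0.255
access-list 101 deny   ip host 192.168.1.10 192.168.3.0 0.0.0.255
access-list 101 deny   ip host 192.168.1.10 192.168.4.0 0.0.0.255
access-list 101 permit ip host 192.168.1.10 any
!
! ACL 102: same logic for server2, which leaves through pix2.
access-list 102 deny   ip host 192.168.1.20 192.168.2.0 0.0.0.255
access-list 102 deny   ip host 192.168.1.20 192.168.3.0 0.0.0.255
access-list 102 deny   ip host 192.168.1.20 192.168.4.0 0.0.0.255
access-list 102 permit ip host 192.168.1.20 any
!
! Each route-map entry overrides the next hop only for its ACL.
! Because server1's replies to inbound internet connections also
! match ACL 101, they return through pix1, the same firewall that
! holds the NAT and connection state for them.
route-map SERVER-EGRESS permit 10
 match ip address 101
 set ip next-hop 192.168.1.2
!
route-map SERVER-EGRESS permit 20
 match ip address 102
 set ip next-hop 192.168.1.3
!
! Packets that match no entry (user PCs, server-to-WAN traffic) are
! forwarded by the routing table, including the existing default
! route toward the user-internet firewall.
!
! PBR is applied inbound on the interface where the servers' packets
! arrive. Policy-routed packets leave on that same interface, so ICMP
! redirects are disabled to keep hosts sending via the 2600.
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 ip policy route-map SERVER-EGRESS
 no ip redirects
```

`show route-map SERVER-EGRESS` lists per-entry policy-routing match counters, which confirm whether server traffic is hitting the intended entry.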
