We currently have a single connection out to our company WAN, which we currently route traffic through which is destined to the Internet (as well as systems hosted within the organisationl WAN).
My question is this:- If we were to install a second connection on site, which connects directly to the Internet, how would we route Internet traffic out of one connection and local (WAN) traffic out of the existing connection ?
We currently have 2 x PIX 515e's (failover config) connecting to 2 x 7200's (HSRP config) for out existing connection, but the proposed connection could be sepearte from these (additional router/Firewall).
basically, you would need to route specific traffic to your existing PIX firewalls, and the rest to the new connection, by means of a default route. Let's say your internal network that you need to reach is 192.168.0.0/16, you could configure a static route for that network pointing to your existing PIX:
ip route 192.168.0.0 0.0.255.255 10.1.1.1
where 10.1.1.1 is the IP address of the PIX.
The default route:
ip route 0.0.0.0 0.0.0.0 172.16.1.1
where 172.16.1.1 is the IP address of the new connection, this would take care of the remainder of the traffic (Internet traffic).
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.