Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

second Internet connection

Hello;

I have Internet connection to ISP terminated to FW 525 with multiple zones.

everything working fine.

new demand required separate internet connection dedicated to outside users who will access new servers in new DMZ.

means new Internet connection with new zone.

can anybody advice how's this doable ?

in the FW i can;t do a route map, i have a default router to the current ISP.

I will do the following:

FW:

---

1) Create new Servers DMZ

2) Create new outside zone (outside2) with security level 1

3) connect the internal leg of the second internet router to outside2.

4) Static (server_dmz , internal_leg_IP)

Internet router:

----------------

Do Natting :

Nat the internal_leg_IP to Real IP.

Traffic flow:

outside user--> Real IP --> internal_leg_IP --> server_dmz.

My question : since the default router of the router is the first ISP; does this will cause a problem.

2 REPLIES

Re: second Internet connection

Yes this will.

Try this

terminate both links on the internet route 1 & do a route map on the interface connectecd to the Firewall

Bronze

Re: second Internet connection

hii...use PBR in this scenario..wht can be done is if u have another internet link comin in hv a normal s/w in before ur f/w..

which will terminate both links in different interfaces of the f/w.

then use PBR to match the traffic for each source..dmz and et al..and force it to use different next hops as per the traffic.

pls rate if this helps.

108
Views
0
Helpful
2
Replies