Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Separate Internet and LAN Network Traffic

I have a couple of branch offices that currently routes all traffic to the corporate office. Is there a way to separate Internet traffic from LAN traffic that come from the branch office to the corporate office?

In one branch office we have added a second T1 for Internet traffic and the other we have added a DSL line. The branch office with the T1 we have a web filter connected to a PIX515E which is connecting to the T1. I would like to direct Internet traffic thru the web filter to the PIX out to the new T1 line.

The other branch office we DSL modem connected to the router and I would like to send Internet traffic to the DSL modem without distrusting LAN traffic to the corporate office.

Any assistance would be helpful.

11 REPLIES
New Member

Re: Separate Internet and LAN Network Traffic

Hi keyyo0200,

You can use Policy base routing in this case.

With the help Policy base routing you can set different next hop for different traffic base on the destination or source of the traffic.

Please rate.

New Member

Re: Separate Internet and LAN Network Traffic

Could you direct me to some documentation

Silver

Re: Separate Internet and LAN Network Traffic

Here is a link for the PBR.

http://www.cisco.com/warp/public/732/Tech/plicy_wp.htm

This really is your best option for what you want to do.

Here is a link with config examples

http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfpbr_ps1835_TSD_Products_Configuration_Guide_Chapter.html

New Member

Re: Separate Internet and LAN Network Traffic

Hi,

Could you pls make one network diagram and send me with ip schem details then i can help to achive ur object.

my email address : khuranasanjay@gmail.com

New Member

Re: Separate Internet and LAN Network Traffic

I sent you a Visio diagram and I also have attached it in the posting. IP address have been changed.

Thanks

Silver

Re: Separate Internet and LAN Network Traffic

Based on what you sent it appears like you could use routing statements.

ip route 0.0.0.0 0.0.0.0

then add specific routes as you have listed to the specified network of the destination/nexthop.

for example.

Traffic from 172.16.64.0

ip route 150.225.155.0 255.255.255.0 150.225.155.213

This will take any traffic destined for this network and force it out to the 150.225.155.213 as the next hop.

the all zero's route will send everything else out to the internet.

New Member

Re: Separate Internet and LAN Network Traffic

I would like to divert the Internet traffic to the webfilter and thru the PIX to the internet.

LAN traffic to corporate offic example:

ip route 172.16.64.0 255.255.192.0 150.225.155.213

Internet traffic example:

ip route 0.0.0.0 0.0.0.0 192.168.64.9

Is this want you are talking about.

Silver

Re: Separate Internet and LAN Network Traffic

yes.

Basically whatever your default routes point to that eventually get to the internet is where you want the all zero's route.

Allother traffic will be pointed directly out to the other route.

New Member

Re: Separate Internet and LAN Network Traffic

Thanks I will try this.

Silver

Re: Separate Internet and LAN Network Traffic

I see that there was a rating given to someone that said to do the same thing I provided but not sure if it resolved your matter or not.

Please confirm if your issue is resolved or if you have questions still.

Thanks,

Rick

New Member

Re: Separate Internet and LAN Network Traffic

Hi Bryan,

as per your network diagram, u can do one thing in your router just define default route toward Barracuda Web Filter & Barracuda Web Filter must have a Default G/W toward Pix.

like this

PC->Default G/w - Router Default G/W -Barracuda Web Filter Default G/w - Pix Default G/w - Internet.

2217
Views
4
Helpful
11
Replies
CreatePlease to create content