router help needed ....urgent

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Hi Techies....

I'm stuck in a problem....as i'm not very well with cisco routers...

I have a cisco router 1800 series with a 4 port fast ethernet card.
now i have attached both the internet isp's (A and B) over ethernet to
this router, now what i need is that all my traffic for internet from
lan A (192.168.1.0/24) should be routed to isp A and all from lan B
(10.220.16.0/24)should be routed to isp B.

Please ckick the link for the diagram.
http://img248.imageshack.us/my.php?image=drawing1jq5.jpg

Thanks..............


Re: router help needed ....urgent
Your going to have to run NAT.  Then route 192.168.1.0 to FE1/2 and
10.220.16.0 to fe1/3
Quoted text here. Click to load it



Re: router help needed ....urgent - Part 1 - Basic Config
Quoted text here. Click to load it

Here is your basic config (part 1 of 2):

--


no service pad
no service config
no service finger
no service tcp-small-servers
no service udp-small-servers
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname [router name]
!
no aaa new-model
!
enable secret [enable mode password]
no enable password
!
clock timezone [timezone name] [timezone offset]
clock summer-time EST recurring 2 Sun Mar 2:00 2 Sun Nov 2:00
!
ip subnet-zero
no ip source-route
no ip domain-lookup
ip domain-name [anything resembling your Internet domain name]
!
interface FastEthernet1/0
 description *** Inside Network - LAN A ***
 ip address 192.168.1.254 255.255.255.0
 ip nat inside
 speed auto
!
interface FastEthernet1/1
 description *** Inside Network - LAN B ***
 ip address 10.220.16.254 255.255.255.0
 ip nat inside
 speed auto
!
interface FastEthernet1/3
 description *** Outside Internet - ISP A***
 ip address dhcp
 ip access-group firewall in
 ip nat outside
 speed auto
!
interface FastEthernet1/4
 description *** Outside Internet - ISP B ***
 ip address dhcp
 ip access-group firewall in
 ip nat outside
 speed auto
!
ip nat inside source list 109 interface Ethernet0 overload
!
ip classless
no ip http server
no ip http secure-server
!
ip access-list standard 109
 permit ip 192.168.1.0 0.0.0.255 any
 permit ip 10.220.16.0 0.0.0.255 any
!
logging buffered 4096 debugging
logging trap debugging
!
line con 0
 exec-timeout 15 0
 login
 password [login password]
line vty 0 15
 exec-timeout 15 0
 password [login password]
 login
 transport input ssh telnet
end


--

     ===========
     Scott Perry
     ===========
Indianapolis, Indiana
________________________________________



Re: router help needed ....urgent - Part 2 - Policy Based Routing
Quoted text here. Click to load it

Here is your policy based routing config (part 1 of 2):

--


interface FastEthernet 0/1
 ip policy route-map dualisp
!
interface FastEthernet 0/2
 ip policy route-map dualisp
!
route-map dualisp permit 10
 match interface FastEthernet1/0
 set interface FastEthernet1/2
route-map dualisp permit 20
 match interface FastEthernet1/1
 set interface FastEthernet1/3
route-map dualisp permit 30


--

This is the basic framework of policy based routing (PBR) and was not tested
for your implementation.  Reference policy based routing on Cisco's website
throught the following links:

Link #1 - About PBR
     www.cisco.com
     Products and Services
     Cisco IOS Software
     IP Routing and Services
     IP Routing
     Policy Based Routing (PBR)

Link #2 - Configuring PBR
http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a008075fae6.html

I would recommend testing this and then making variations.  The above
configuration may not be as flexible to allow inter-LAN routing between
FastEthernet1/0 and FastEthernet1/1.  Try changing the "match" statements to
"match ip address [access-list number]" to set the conditions of what the
inbound traffic criteria is.  Try changing the placement of the policy to
function on the LAN interfaces if this provided configuration does not work.
Perhaps placing the policy on the LAN interfaces and setting the match
criteria different will work better.  Try it out and make sure you do your
research (read the documents).

     ===========
     Scott Perry
     ===========
Indianapolis, Indiana
________________________________________



Site Timeline