From: David Prall (dcp@dcptech.com)
Date: Wed Nov 14 2007 - 11:30:57 ART
The problem you have is that only a single default route will be used, no
matter which address is connected to. So you need to use that for one of
them, and then use Policy Based Routing for the other based on source
address so that it returns via the correct ISP.
-- http://dcp.dcptech.com> -----Original Message----- > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On > Behalf Of Muhammad Saleem > Sent: Wednesday, November 14, 2007 2:16 AM > To: 'Mohamed, Liban [NTK]' > Cc: ccielab@groupstudy.com; dcp@dcptech.com > Subject: RE: Two default gateway (IP Route ..) > > VSAT-----CE1 (VSAT Modem>>External NIC of Pix FW >> Internal > NIC of Pix FW > >>Internal Server (P-DNS, WEB, Email) > DSL------CE2 (DSL Modem>>External NIC of Microsoft ISA FW >> > Internal NIC of > Microsoft ISA FW >> Internal Server (S-DNS, WEB, Email) > Pix internal NIC, Microsoft ISA internal NIC and Internal servers are > connected in CISCO Catalyst 3750 switch and belong to same > VLAN, and I am > configuring static routes in the same switch. > > Saleem > > -----Original Message----- > From: Mohamed, Liban [NTK] [mailto:Liban.Mohamed@sprint.com] > Sent: Wednesday, November 14, 2007 9:31 AM > To: Muhammad Saleem > Subject: RE: Two default gateway (IP Route ..) > > Mohamed so just to understand your set up. > > > VSAT-----CE1-----Internal Server (P-DNS, WEB) > DSL------CE1-----Internal Server (S-DNS, WEB-Server) > > You want the DSL to take over in case the VSAT fails right? Since the > VSAT and the DSL comes to one CE you want to enter flooding > static route > for default-route, that should work just fine, as you have setting the > admin distance of 192.168.43.10 to 50, hence it will be a back up > > > Thanks, > > Liban Mohamed > NTAC-IP > Sprint/Nextel > www.sprint.net > liban.mohamed@sprint.com > (W) 678-291-3438 > (PCS) 404-441-9701 > > > > -----Original Message----- > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On > Behalf Of > Muhammad Saleem > Sent: Wednesday, November 14, 2007 12:47 AM > To: groupstudy@cconlinelabs.com > Cc: ccielab@groupstudy.com > Subject: RE: Two default gateway (IP Route ..) > > I have P.DNS and S.DNS servers, hosting inside of network, already > registered with the SaudiNIC, P.DNS contains IP Add from > ISP-1(connected > with VSAT), S.DNS will contains IP Add from ISP-2 (connected > with DSL), > If client is trying to access Web server it will go through > P.DNS and if > ISP-1 link is down then the client request will go through > S.DNS (ISP-2, > DSL > link) and will reach my Web server. > I have not implemented this scenario yet but I think its gona work. > If I add one more IP Route like > ip route 0.0.0.0 0.0.0.0 192.168.43.2 > ip route 0.0.0.0 0.0.0.0 192.168.43.10 50 > > Is it gona solve my problem? > > Saleem > > -----Original Message----- > From: Tony Schaffran [mailto:groupstudy@cconlinelabs.com] > Sent: Wednesday, November 14, 2007 5:05 AM > To: 'Muhammad Saleem'; ccielab@groupstudy.com > Subject: RE: Two default gateway (IP Route ..) > > For what you are trying to accomplish, I am affraid it is a > little more > complicated than it seems. > > Without BGP, to get inbound traffic to your web and mail servers, you > will > need something like a Fatpipe device or some kind of dynamic DNS > implementation. > > > Tony Schaffran > Network Analyst > CCIE #11071 > CCNP, CCNA, CCDA, > NNCDS, NNCSS, CNE, MCSE > > www.cconlinelabs.com > Your #1 choice for online Cisco rack rentals. > > > -----Original Message----- > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On > Behalf Of > Muhammad Saleem > Sent: Tuesday, November 13, 2007 7:23 AM > To: ccielab@groupstudy.com > Subject: Two default gateway (IP Route ..) > > Hi Experts, > > > > This is a little odd question but related to one of the > routing issues. > > I have one L3 switch, one Server VLAN, Two ISPs, one is through VSAT > which > is primary link and second one is DSL link. > > VSAT is further connected to outside interface of CISCO Pix Firewall > protecting Web and Email server. > > DSAL is further connected to Microsoft ISA firewall outside interface, > ISA > FW will be use to publish Web and Email servers > > > > I am going to provide availability of Web and Email servers in case of > VSAT > link is down. > > In CISCO Cat 3750 switch I have defined VLAN for Web and Email servers > and > in servers Default Gateway IP I defined the IP address of VLAN IP > address > (SVI IP address) > > in CISCO Cat 3750 > > ip route 0.0.0.0 0.0.0.0 192.168.43.2 > > (192.168.43.2 is the Internal IP of CISCO Pix firewall) > > With this switch configuration VSAT connection is working > fine and I can > access web and email server from outside and inside. > > > > I want to use DSL link for inbound connection only if main > VSAT link is > down, people should be able to access web and Email server from > Internet. > > > > Now, I am going to add DSL connection in my network so, should I just > add > one more > > IP ROUTE entry in my L3 switch like > > ip route 0.0.0.0 0.0.0.0 192.168.43.10 ? > > (192.168.43.10 is the inside IP of Microsoft ISA firewall) > > > > Is this enough to get web and email service availability or > what should > I do > more?? > > How can I define two Gateways with different distance, so the > L3 switch > recognize that main VSAT link (CISCO Pix) is down so use the DSL > link(ISA > Server). > > > > I will appreciate all the responses. > > ______________________________________________________________ > _________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html > > ______________________________________________________________ > _________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html > > ______________________________________________________________ > _________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:29 ART