Re: Need help two default gateways

From: v.shekhar@yahoo.com
Date: Sun Jan 06 2008 - 14:48:31 ARST


With my interpretation of the problem, here are the three possible solutions:

a) On the switch, change the default gateway to point to the ISA server's internal IP address instead of the PIX, and at the same time change the default gateway on the email server to point to the PIX's inside interface. Put a static route for VLAN 102 on the email server pointing to int VLAN 101 in case it should be reachable by VLAN 102.

OR--
b) Use a route map on the switch so that any packets coming from VLAN 102 are directed towards the ISA server, and keep other things as they are.

OR--
c) Move the ISA server into VLAN 102 and use it as the default gateway for all the clients.
 

In my opinion Option "a" is the best solution.
Let me know if I understood the scenario correctly.

Thanks,
-sHekHar.
CCIE#17589/CISSP/RHCE.

----- Original Message ----
From: Muhammad Saleem <msaleems@gmail.com>
To: ccielab@groupstudy.com
Sent: Sunday, January 6, 2008 7:38:14 PM
Subject: Need help two default gateways

Hi gurus,

I have one Pix Firewall with (Internal and External NIC) and one Microsoft
ISA proxy server with (Internal and External NIC).

Two VLANs: VLAN 101 for Pix and ISA Proxy server, VLAN 102 for all of my
clients.

Both Pix and ISA Proxy internal NICs are connected to a Cat 3750 layer 3
switch.

I am using Pix as a firewall for protecting the Email server, which is
located inside of my internet and is part of VLAN 101, and the Email
server's default gateway is the IP address of VLAN 101.

I have already defined the following in the CAT 3750:

ip route 0.0.0.0 0.0.0.0 192.168.43.22 (IP address of internal NIC of Pix
firewall)

So if my Email server wants to send or receive emails, it uses the Pix
firewall as default gateway. It's all working fine.

Problems start here, when my inside users want to use the internet through
the Microsoft ISA proxy server.

All my clients are SecureNAT type clients, which means they will use the
Microsoft ISA server as a default gateway or default router, in the same
manner as my Email server is using the Pix firewall.

 

How can I create two default gateways with different forwarding IP
addresses? In the manner that if the source IP is the email server then use
Pix as default gateway, but if the request comes from VLAN 102 clients then
use the Microsoft ISA Proxy server IP address as default gateway?

 

I will really appreciate all the responses.

 

Saleem
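
Option (b) from the reply above, sketched as Catalyst IOS configuration. This is an added example, not part of the original thread: only the PIX address 192.168.43.22 and the default route come from the post, while the /24 mask on VLAN 101, the VLAN 102 subnet, the ISA address and the ACL and route-map names are constructed placeholders.

```cisco
! --- Assumptions (constructed, replace with real values) ---------------
!   VLAN 101 subnet : 192.168.43.0/24   (mask assumed; PIX .22 is from the post)
!   ISA internal NIC: 192.168.43.23     (placeholder address in VLAN 101)
!   VLAN 102 subnet : 10.102.0.0/24     (placeholder client subnet)
!
! On the Catalyst 3750, PBR needs the routing SDM template
! ("sdm prefer routing" followed by a reload) before it takes effect.
!
! Default route from the post stays in place: anything that is not
! policy-routed (the email server, VLAN 101 hosts) still exits via the PIX.
ip route 0.0.0.0 0.0.0.0 192.168.43.22
!
! Select only client traffic that is leaving the internal network.
! The deny lines keep client-to-VLAN 101 and client-to-client traffic on
! normal destination-based routing, so clients can still reach the email
! server directly instead of being pushed through the proxy.
ip access-list extended CLIENTS-TO-INTERNET
 deny   ip 10.102.0.0 0.0.0.255 192.168.43.0 0.0.0.255
 deny   ip 10.102.0.0 0.0.0.255 10.102.0.0 0.0.0.255
 permit ip 10.102.0.0 0.0.0.255 any
!
! Matching packets get the ISA server as next hop instead of the
! routing table's default (the PIX).
route-map CLIENTS-VIA-ISA permit 10
 match ip address CLIENTS-TO-INTERNET
 set ip next-hop 192.168.43.23
!
! Apply the policy where client packets enter the switch.
interface Vlan102
 ip policy route-map CLIENTS-VIA-ISA
!
! Verification from the switch CLI:
!   show ip policy      -> Vlan102 should list CLIENTS-VIA-ISA
!   show route-map      -> confirms the match and set clauses are installed
```

The ISA server will also need a route back to the client subnet through the switch's VLAN 101 address, otherwise replies to the clients follow the ISA's own default gateway. If the ISA next hop is down, check what the switch does with client traffic, since falling back to the default route would send it out through the PIX and past the proxy.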



This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:37:58 ARST