[x]
Posted via EE Mobile

Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.
Question
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
8.6

Having trouble with Route mapping using Cisco 2800 and multiple ISP connections

Asked by richdwa in Network Routers, Miscellaneous Networking, TCP/IP

Tags: Route Map, Cisco router, routing, multiple connections

I am trying to setup Route maps so I can send web/ftp traffic out one interface and all other traffic out the other. A bonus answer would also allow the second connection to serve up the web/ftp traffic in the event the first one goes down.
Maximum points available for this one!!!
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:

!
hostname ROUTER
!
boot-start-marker
boot-end-marker
!
card type t1 0 0
logging buffered 51200 warnings
enable secret 5 (encrypted)
!
aaa new-model
!
!
aaa group server radius sdm-vpn-server-group-1
 server 10.25.0.227 auth-port 1645 acct-port 1646
 server 10.25.0.215 auth-port 1645 acct-port 1646
!
aaa authentication login userauthen group radius local
aaa authentication login vlst-remote local
aaa authentication login CUSTAuthList group radius local
aaa authentication login sdm_vpn_xauth_ml_1 group sdm-vpn-server-group-1 local
aaa authorization network CUSTAuthList local 
aaa authorization network groupauthor local 
aaa authorization network sdm_vpn_group_ml_1 group sdm-vpn-server-group-1 local 
!
aaa session-id common
!
resource policy
!
clock timezone PST -8
clock summer-time PDT recurring
!
!
ip cef
!
!
no ip domain lookup
ip domain name cust.loc
ip ssh source-interface Loopback1
ip ssh rsa keypair-name ROUTER.cust.loc
ip ssh logging events
ip ssh version 2
ip inspect name DEFAULT100 netbios-ssn
ip inspect name CUST-FW http
ip inspect name CUST-FW ftp
ip inspect name CUST-FW tcp
ip inspect name CUST-FW udp
!
!
!
voice-card 0
 no dspfarm
 
controller T1 0/0/0
 framing esf
 fdl both
 clock source line independent
 linecode b8zs
 channel-group 0 timeslots 1-24
 detect v54 channel-group 0
!
controller T1 0/0/1
 framing esf
 fdl both
 clock source line independent
 linecode b8zs
 channel-group 0 timeslots 1-24
 detect v54 channel-group 0
! 
!
crypto isakmp policy 3
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp client configuration group 3000client
 key cisco123
 dns 10.25.0.215 10.25.0.227
 wins 10.25.0.215 10.25.0.227
 domain cust.loc
 pool ippool
 acl 103
crypto isakmp profile sdm-ike-profile-1
   match identity group custvpn
   match identity group 3000client
   client authentication list sdm_vpn_xauth_ml_1
   isakmp authorization list sdm_vpn_group_ml_1
   client configuration address respond
   virtual-template 1
!
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac 
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
!
crypto ipsec profile SDM_Profile1
 set transform-set ESP-3DES-SHA 
 set isakmp-profile sdm-ike-profile-1
!
!
crypto dynamic-map dynmap 10
 set transform-set myset 
!
!
crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap 
!
!
!
interface Loopback1
 ip address x.x.x.225 255.255.255.224
 ip nat outside
 ip virtual-reassembly
 no ip route-cache cef
 no ip route-cache
 no ip mroute-cache
!
interface Multilink1
 description Connection to Internet for all except web and ftp
 ip address x.x.x.130 255.255.255.252
 ip nat outside
 ip inspect CUST-FW out
 ip virtual-reassembly
 ppp multilink
 ppp multilink interleave
 ppp multilink group 1
 ppp multilink fragment delay 50
 crypto map clientmap
!
interface GigabitEthernet0/0
 description CUST Internal LAN
 ip address 10.25.0.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip policy route-map traffic-split
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 description Cable Internet for web and ftp only
 ip address x.x.x.45 255.255.255.252
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1/0
!
interface FastEthernet0/1/1
!
interface FastEthernet0/1/2
!
interface FastEthernet0/1/3
!
interface Serial0/0/0:0
 description CUST T-1 on port 0
 no ip address
 encapsulation ppp
 ppp multilink
 ppp multilink group 1
!
interface Serial0/0/1:0
 description CUST T-1 on port 1
 no ip address
 encapsulation ppp
 ppp multilink
 ppp multilink group 1
!
interface Virtual-Template1 type tunnel
 ip unnumbered Multilink1
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile SDM_Profile1
!
interface Vlan1
 no ip address
 shutdown
!
ip local pool ippool 10.25.1.100 10.25.1.150
ip route 0.0.0.0 0.0.0.0 x.x.x.129
ip route 0.0.0.0 0.0.0.0 x.x.x.46
!
!
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat inside source route-map SDM_RMAP_1 interface Multilink1 overload
ip nat inside source static 10.25.0.204 x.x.x.230 route-map SDM_RMAP_3
ip nat inside source static 10.25.0.226 x.x.x.231 route-map SDM_RMAP_2
!
ip radius source-interface GigabitEthernet0/0 
access-list 50 permit 10.25.0.0 0.0.0.255
access-list 100 remark SDM_ACL Category=4
access-list 100 permit ip 10.25.0.0 0.0.255.255 any
access-list 101 permit ip 10.25.0.0 0.0.0.255 any
access-list 103 permit ip 10.25.0.0 0.0.255.255 any
access-list 105 permit ip host 10.25.0.204 any
access-list 108 permit tcp any any eq www
access-list 108 permit tcp any any eq 443
access-list 108 permit tcp any any eq ftp
access-list 109 permit tcp any any
access-list 111 permit udp any host 12.90.194.130 eq non500-isakmp
access-list 111 permit udp any host 12.90.194.130 eq isakmp
access-list 111 permit esp any host 12.90.194.130
access-list 111 permit tcp any host 12.173.184.230 eq smtp
access-list 111 permit tcp any host 12.173.184.230 eq 443
access-list 111 permit tcp any host 12.173.184.231 eq domain
access-list 111 permit udp any host 12.173.184.231 eq domain
access-list 111 permit icmp any any
access-list 111 permit ip any host 12.173.184.225
!
!
!
route-map traffic-split permit 10
 match ip address 108
 set interface GigabitEthernet0/1
!
route-map traffic-split permit 20
 match ip address 109
 set interface Multilink1
!
route-map SDM_RMAP_1 permit 1
 match ip address 101
!
route-map SDM_RMAP_2 permit 1
 match ip address 104
!
route-map SDM_RMAP_3 permit 1
 match ip address 105
!
!
!
radius-server host 10.25.0.215 auth-port 1645 acct-port 1646 key (hidden)
radius-server host 10.25.0.227 auth-port 1645 acct-port 1646 key (hidden)
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 transport input telnet ssh
line vty 5 15
 transport input telnet ssh
!
scheduler allocate 20000 1000
ntp broadcastdelay 10
ntp clock-period 17180279
ntp source GigabitEthernet0/1
ntp master 3
ntp update-calendar
ntp peer 128.9.176.20
ntp server 128.9.176.30 source GigabitEthernet0/1 prefer
ntp server 128.9.176.30 source Multilink1 prefer
ntp peer 69.36.224.15 prefer
ntp peer 128.2.1.21 prefer
!
end
[+][-]09/05/09 05:12 PM, ID: 25268307Accepted Solution

View this solution now by starting your 30-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

About this solution

Zones: Network Routers, Miscellaneous Networking, TCP/IP
Tags: Route Map, Cisco router, routing, multiple connections
Sign Up Now!
Solution Provided By: rochey2009
Participating Experts: 2
Solution Grade: A
 
[+][-]08/30/09 11:08 AM, ID: 25218548Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08/30/09 11:24 AM, ID: 25218602Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08/30/09 12:33 PM, ID: 25218924Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08/30/09 01:43 PM, ID: 25219246Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]09/04/09 05:55 PM, ID: 25264480Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]09/05/09 01:42 AM, ID: 25265372Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]09/05/09 08:31 AM, ID: 25266553Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]09/05/09 10:11 AM, ID: 25266955Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]09/05/09 11:15 AM, ID: 25267179Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]09/05/09 12:30 PM, ID: 25267419Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]09/05/09 04:24 PM, ID: 25268195Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]09/05/09 04:42 PM, ID: 25268232Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]09/05/09 05:04 PM, ID: 25268284Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]09/05/09 05:09 PM, ID: 25268301Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]09/05/09 05:40 PM, ID: 25268388Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
 
Loading Advertisement...
20091111-EE-VQP-92 - Hierarchy / EE_QW_3_20080625