Setup both T1 and Cablemodem on the same network.
My office currently has a T1 and we keep getting new employees and we are outgrowing it quickly so we ordered a business class cablemodem which is 8M down and 1M up. What I want to do is keep the T1 for the critial devices such as our mail server and printers for remote printing and use the cablemodem for all of the employees computers; I would like both the cablemodem and T1 on the same local network so that we can access what is on the T1 and Cablemodem as if it were on the same local network.
I am unsure as to how I would hook the cablemodem up to our switch so that we can pretty much keep our computers and our current network the same but just have our traffic for the internet routed through the cablemodem.
We currently have the following network equiptment:
- Cisco Catalyst 2950
- Cisco PIX 501 6.3(3)
So, what I need to know how to do is hook up both the T1 and Cablemodem to the same switch and be able to utilize all of the devices on the network as if they were local and just have the employees computers access the internet using the cablemodem and have all of our servers and printers access the internet using the T1.
Thanks a bunch.
I am unsure as to how I would hook the cablemodem up to our switch so that we can pretty much keep our computers and our current network the same but just have our traffic for the internet routed through the cablemodem.
We currently have the following network equiptment:
- Cisco Catalyst 2950
- Cisco PIX 501 6.3(3)
So, what I need to know how to do is hook up both the T1 and Cablemodem to the same switch and be able to utilize all of the devices on the network as if they were local and just have the employees computers access the internet using the cablemodem and have all of our servers and printers access the internet using the T1.
Thanks a bunch.
Unfortunately, what you have makes it difficult.
The cable modem should give you a public IP address and does not provide any routing or firewall capabilities.
The PIX501 cannot handle dual external connections
The 2950 switch is a dumb layer2 switch only and cannot make any routing decisions.
It is not as simple a job as you might have hoped it to be. Assuming that the current PIX501 is the default gateway for the LAN, it has limitations in that even if you add another firewall to the cable modem, it won't divert some packets out one way, and other packets thatm eet different criteria out another gateway on the same local LAN.
The key lies in the device that is currently terminating the T1, what type of router it is, and how much control you have over it... PBR is part of the solution, but only if you control the T1 router and it has the capabilities.
Else you're going to have to get a new device that has better routing capabilities and/or dual WAN feature. There are plenty of dual-wan firewalls out there but none of them are Cisco.
The cable modem should give you a public IP address and does not provide any routing or firewall capabilities.
The PIX501 cannot handle dual external connections
The 2950 switch is a dumb layer2 switch only and cannot make any routing decisions.
It is not as simple a job as you might have hoped it to be. Assuming that the current PIX501 is the default gateway for the LAN, it has limitations in that even if you add another firewall to the cable modem, it won't divert some packets out one way, and other packets thatm eet different criteria out another gateway on the same local LAN.
The key lies in the device that is currently terminating the T1, what type of router it is, and how much control you have over it... PBR is part of the solution, but only if you control the T1 router and it has the capabilities.
Else you're going to have to get a new device that has better routing capabilities and/or dual WAN feature. There are plenty of dual-wan firewalls out there but none of them are Cisco.
ASKER
I just did a search for Dual WAN firewalls and I found one by Netgear, do you think that will work for what I am trying to do?
http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FVS124G.aspx
Thanks,
Jeff
http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FVS124G.aspx
Thanks,
Jeff
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml
You could always use VLAN's to separate the two groups of devices into different subnets and then have different default gateways (the router with the T1 for the first DG and the cable modem as the second DG), but it sounds like you don't want to do this. However, this would obviate the need for PBR.