Solved

Setup both T1 and Cablemodem on the same network.

Posted on 2007-03-26
4
248 Views
Last Modified: 2008-03-10
My office currently has a T1 and we keep getting new employees and we are outgrowing it quickly so we ordered a business class cablemodem which is 8M down and 1M up.  What I want to do is keep the T1 for the critial devices such as our mail server and printers for remote printing and use the cablemodem for all of the employees computers; I would like both the cablemodem and T1 on the same local network so that we can access what is on the T1 and Cablemodem as if it were on the same local network.

I am unsure as to how I would hook the cablemodem up to our switch so that we can pretty much keep our computers and our current network the same but just have our traffic for the internet routed through the cablemodem.

We currently have the following network equiptment:
   - Cisco Catalyst 2950
   - Cisco PIX 501 6.3(3)

So, what I need to know how to do is hook up both the T1 and Cablemodem to the same switch and be able to utilize all of the devices on the network as if they were local and just have the employees computers access the internet using the cablemodem and have all of our servers and printers access the internet using the T1.

Thanks a bunch.
0
Comment
Question by:RWJDCom
  • 2
4 Comments
 
LVL 28

Expert Comment

by:batry_boy
ID: 18793115
What type of router is terminating the T1?  If you want some traffic to go to the T1 and the other to go out a different way (cable modem), you'll need to implement PBR (Policy Based Routing), but you'll need a router that can do this type of thing.  See the following article on how Cisco does it:

http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml

You could always use VLAN's to separate the two groups of devices into different subnets and then have different default gateways (the router with the T1 for the first DG and the cable modem as the second DG), but it sounds like you don't want to do this.  However, this would obviate the need for PBR.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18793174
Unfortunately, what you have makes it difficult.
The cable modem should give you a public IP address and does not provide any routing or firewall capabilities.
The PIX501 cannot handle dual external connections
The 2950 switch is a dumb layer2 switch only and cannot make any routing decisions.

It is not as simple a job as you might have hoped it to be. Assuming that the current PIX501 is the default gateway for the LAN, it has limitations in that even if you add another firewall to the cable modem, it won't divert some packets out one way, and other packets thatm eet different criteria out another gateway on the same local LAN.

The key lies in the device that is currently terminating the T1, what type of router it is, and how much control you have over it... PBR is part of the solution, but only if you control the T1 router and it has the capabilities.
Else you're going to have to get a new device that has better routing capabilities and/or dual WAN feature. There are plenty of dual-wan firewalls out there but none of them are Cisco.
0
 
LVL 8

Author Comment

by:RWJDCom
ID: 18796045
I just did a search for Dual WAN firewalls and I found one by Netgear, do you think that will work for what I am trying to do?

http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FVS124G.aspx

Thanks,

Jeff
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 18796117
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now