asked on 7/23/2008

Cisco Router ACL Help Needed?????

Hi Friends

I have cisco 7204 router with 2 wan interfaces and 1 lan interface.
i wish that all port 80 traffic goes to wan1 and all other (non port 80) traffic goes to wan-2.

Lan is fastethernet0/0 ip is 203.189.96.4 255.255.255.0
Wan1 is Ethernet1/0 ip is 202.125.116.1 255.255.255.252
Wan2 is Ethernet2/0 ip is 202.125.117.1 255.255.255.252

routes are as follow

ip route 0.0.0.0 0.0.0.0 202.125.116.1
ip route 0.0.0.0 0.0.0.0 202.125.117.1

please write full configuration for me.
i will be really thankful

regards

Networking Routers Telecommunications

Last Comment

OptiMisTic

8/2/2008

bkepford

7/23/2008

Here you go You may want to use the "set next hop " instead on the route-maps instead of the "set interface Ethernet 1/0" but I didn't have the IPs to put in the configuration here is an example.
set next hop 202.125.116.2

ip access-list extended POLICY_WEB
  permit tcp any any eq www
 
int fastethernet 0/0
ip policy route-map POLICY_ROUTING
exit
route-map POLICY_ROUTING permit 10
 match ip address POLICY_WEB
 set interface Ethernet1/0
 
route-map POLICY_ROUTING permit 20
 set interface Ehternet 2/0
exit

Open in new window

OptiMisTic

7/23/2008

ASKER

Hi
Thank you for your reply. its really looks like working . but still i need some more help
bellow is my router config

___________________________________________________________________________________
BroadBand>en
Password:
BroadBand#sh run
Building configuration...

Current configuration : 39999 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname BroadBand
!
enable secret 5 $1$WD.P$SfMDL7UmVETj5P1
!
username john password 7 075A744D421B17
!
ip subnet-zero
ip cef
!
!
ip name-server 203.135.96.6
ip name-server 203.135.96.7
!
!
call rsvp-sync
!
interface Fastethernet0/0
ip address 203.135.96.1 255.255.255.0
duplex full
description LAN
!
interface Ethernet4/0
ip address 202.125.116.2 255.255.255.252
duplex full
description WAN-1
!
interface Ethernet4/1
ip address 202.125.117.2 255.255.255.252
duplex full
description WAN-2
!
interface Ethernet4/2
no ip address
shutdown
duplex half
!
interface Ethernet4/3
no ip address
shutdown
duplex half
!
ip classless
ip route 0.0.0.0 0.0.0.0 202.125.116.1
ip route 0.0.0.0 0.0.0.0 202.125.117.1 10

no ip http server
ip pim bidir-enable
!
!
dial-peer cor custom
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
password 7 135071E0A
line aux 0
line vty 0 4
password 7 035A0A1D2F
transport input telnet
!
end

BroadBand#
___________________________________________________________________________________

as you can see i have two WAN Links but i m not using both at same time to get full banifit.

i wish that all traffic of my LAN should devide in two parts.
1 should be port 80 traffic
which use only WAN-1
and
2nd should be all other traffic (non port 80).
which use only WAN-2

so i request you to please change my above mentioned configuration to fullfill these requirments.

i will be really very very thankful.

Best Regards

ASKER CERTIFIED SOLUTION

bkepford

7/23/2008

THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options

Start Free Trial

OptiMisTic

8/2/2008

ASKER

Dear bkepford

after doing as you told. every thing became fine and i got required results but i got a strange problem.

i am unable to comunicate from 1 subnet to another which are direcly connected to my router.
also i am unable to ping or telnet my router from out side world, however its working from inside.

please help me urgently.

i will be really thankful

Regards