Solved

Policy Based Routing

Posted on 2009-07-06
4
187 Views
Last Modified: 2012-05-07
I have two networks built at one of my remote offices. 10.80.33.0/24 is on my MPLS link to corporate. 192.168.100.0/24 goes out a local T1 for internet access. I want to route all web traffic (port 80) from the 10.80.33.0 network out over the T1 on the 192.168.100.0/24 network. there is an ISA proxy on the 192 network between the internet router and the 192 network.
0
Comment
Question by:dtadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 

Author Comment

by:dtadmin
ID: 24789121
I have attached a diagram of the network involved with this posting.
network.JPG
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 24791225
Will the ISA Proxy allow the 10.80.33.x network to bypass it for www access? If not, simply set the proxy settings on any hosts on the 10.80.33.0 network
A route-map can easily forward the traffic, but not if the ISA won't allow it through, and I assume from your diagram that it is also doing NAT, so it has to be configured to nat the 10.80.33.0 network, needs a route to the 10.80.33.0 network pointing to 192.168.100.2

I can help with the route-map, but not the ISA config

access-list 121 permit tcp 10.80.33.0 0.0.0.255 any eq www
route-map WWW permit 10
 match ip address 121
 set ip next-hop 192.168.100.1
interface fe0/0.1
 ip policy route-map WWW

0
 

Author Comment

by:dtadmin
ID: 24793146
are you assuming the ISA box is 192.168.100.1 in the config above?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 24799709
I was assuming that the ISA is the default gateway for the 192.168.100.x network, and that its network IP is 192.168.100.1... substitute appropriately to fit your layout.

Thanks!
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
#Citrix #Netscaler #MSSQL #Load Balance
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question