?
Solved

Policy Based Routing

Posted on 2009-07-06
4
Medium Priority
?
189 Views
Last Modified: 2012-05-07
I have two networks built at one of my remote offices. 10.80.33.0/24 is on my MPLS link to corporate. 192.168.100.0/24 goes out a local T1 for internet access. I want to route all web traffic (port 80) from the 10.80.33.0 network out over the T1 on the 192.168.100.0/24 network. there is an ISA proxy on the 192 network between the internet router and the 192 network.
0
Comment
Question by:dtadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 

Author Comment

by:dtadmin
ID: 24789121
I have attached a diagram of the network involved with this posting.
network.JPG
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 24791225
Will the ISA Proxy allow the 10.80.33.x network to bypass it for www access? If not, simply set the proxy settings on any hosts on the 10.80.33.0 network
A route-map can easily forward the traffic, but not if the ISA won't allow it through, and I assume from your diagram that it is also doing NAT, so it has to be configured to nat the 10.80.33.0 network, needs a route to the 10.80.33.0 network pointing to 192.168.100.2

I can help with the route-map, but not the ISA config

access-list 121 permit tcp 10.80.33.0 0.0.0.255 any eq www
route-map WWW permit 10
 match ip address 121
 set ip next-hop 192.168.100.1
interface fe0/0.1
 ip policy route-map WWW

0
 

Author Comment

by:dtadmin
ID: 24793146
are you assuming the ISA box is 192.168.100.1 in the config above?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 24799709
I was assuming that the ISA is the default gateway for the 192.168.100.x network, and that its network IP is 192.168.100.1... substitute appropriately to fit your layout.

Thanks!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month13 days, 14 hours left to enroll

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question