shankshank
asked on
Cisco 2600 and failover
I have a Cisco 2600 series router which has 2 T1s coming into it. One Ethernet port is connected to my ASA5510. I wanted to set up a site-to-site VPN using my DSL connection, which I was able to do by connecting the DSL to the ASA and configuring VPN access through the DSL interface and all other traffic through the T1. They were both set up to fail over to each other too, which was great.
Now here's the next dilemma. I want to set up certain outbound traffic (based on IP) to use the DSL interface, and other traffic to use the T1. I've been told the ASA cannot do this, so I will need to configure this on my 2600 router. Is this possible?
Ideally I would like this to work, and then if the link is down on the T1s, traffic would go to the DSL, and vice versa.
ASKER
But I assume that would not work if my ASA was doing NAT, right?
PBR is configured with route maps. The traffic is matched against an ACL, and the options are:
standard ACL, in which you specify the source of the packet
extended ACL, in which you specify the source and destination.
If you use NAT on the ASA you will have the same IP address, but it all depends on what kind of NAT is implemented and which fields in the IP datagram you want to match in the ACL.
ASKER
Yeah, only the IP is shown to the router from the ASA,
so the best-case scenario would be:
port 25 in (for email server), VPN, use T1
all other traffic (80, 443, web streaming, media, etc.) use DSL
Does that make sense? Or is there a better PBR?
ASKER CERTIFIED SOLUTION
Here is a quick example.
http://www.petri.co.il/how-to-use-cisco-ios-policy-based-routing-features.htm
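The route-map approach from this thread applied to the port-based split the asker describes, as an added example that is not part of the original posts. The interface names, the documentation-range addresses and the topology (DSL gateway on a router Ethernet segment, one default route already pointing at the T1s) are assumptions.

```cisco
! Added example. Assumed values:
!   192.0.2.2     ASA outside address as the router sees it (after ASA NAT)
!   198.51.100.1  DSL gateway, reachable on FastEthernet0/1
!   FastEthernet0/0 faces the ASA; the T1s carry the normal default route
!
! Because the ASA presents a single source address, the split is done on
! protocol and port with an extended ACL. Lines that deny are NOT
! policy-routed and follow the routing table (T1).
!
! Replies from the mail server to inbound SMTP sessions
access-list 110 deny   tcp host 192.0.2.2 eq 25 any
! IPsec VPN: IKE, NAT-T and ESP
access-list 110 deny   udp host 192.0.2.2 any eq 500
access-list 110 deny   udp host 192.0.2.2 any eq 4500
access-list 110 deny   esp host 192.0.2.2 any
! Everything else from the ASA (80, 443, streaming, ...) goes to DSL
access-list 110 permit ip  host 192.0.2.2 any
!
route-map TO-DSL permit 10
 match ip address 110
 set ip next-hop 198.51.100.1
!
! PBR is applied inbound on the interface where the traffic arrives
interface FastEthernet0/0
 description Link to ASA outside
 ip policy route-map TO-DSL
!
! T1 -> DSL failover: floating static default with a high administrative
! distance, used only when the T1 default route leaves the routing table
ip route 0.0.0.0 0.0.0.0 198.51.100.1 250
!
! DSL -> T1 failover: if FastEthernet0/1 goes down, the set ip next-hop is
! no longer usable and matched packets fall back to the routing table (T1).
! A failure beyond the local Ethernet link is not detected by this alone.
!
! Verify with:
!   show route-map TO-DSL
!   show ip policy
```

Traffic sent out the DSL side still carries the ASA's translated address, so this assumes the router (or the DSL device) translates it to an address the DSL provider will route back.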