Cisco Router ACL rule for multiple IPs to use different gateway

Is there a rule I can define for multiple IPs (hosts) to use a different gateway?

Ernie Beek (Expert) Commented:
You could try policy-based routing; depending on how you define the ACLs, you should be able to point hosts to a different gateway.
MoonLive (Author) Commented:
Ernie, does that require two interfaces? I have 0/0 and 0/1 interfaces. I can't add an additional interface on this router.
Ernie Beek (Expert) Commented:
Not necessarily. Where is the second gateway, on the in- or outside?

MoonLive (Author) Commented:
0/0 is WAN and 0/1 is LAN. The second gateway is on the 0/0 side.
Ernie Beek (Expert) Commented:
No problem. You set the next hop using an IP address and apply the policy to the incoming interface (LAN). So you can use this with any number of interfaces (also two).
MoonLive (Author) Commented:
If I give you a specific interface..

Router 1
   0/0 (to remote sites)
   0/1  LAN and provide Internet
Router 2
    0/0  (to main office)
    0/1 (to lan)
    0/0/0 (to Internet)
Router 3
   0/0 (to main office)
   0/1 (to lan)

Router 2 and Router 3 can ping each other by 0/0 interface.
How can I get Router 3 users to access the Router 2 0/0/0 interface to access the Internet while Router 3 users access Router 1 data?

MoonLive, you have two questions for the same thing, but be careful with the problem you are trying to solve; it could create much bigger problems if you don't plan it carefully (this should sound a little bit scary, and you should be at least worried at this moment, if not terrified).
What you are trying to do can be done with PBR, but the missing part is that PBR ignores the routing table completely.
If you don't do this properly... you will end up with PBR forwarding traffic from router 3 to router 2, and then router 2 forwards the same traffic to router 1 - where the traffic should end up in the first place if there was no PBR in place (and the same thing will happen to the other traffic flow). So practically you will waste your own bandwidth for nothing.
The first thing you should do in the route-map for PBR is to deny local traffic (for your 10.x.x.x networks) from being PBR'd, and then you can use PBR to forward all other traffic.
That was the part that is really important, but at least it is easy to implement.

I saw in the other question that you have
20mb Metro E line between all routers
and your internet is faster than your MetroE so you could end up with MetroE overloaded with internet traffic, so you should, most likely, implement QoS in your network to have prioritization of traffic and some kind of limitation for specific types of traffic etc...
That is much harder to implement, but you will have to do it, otherwise you are doomed...
Was that really scary?

So, it is basically a good idea, but don't rush it; think it through and plan it carefully.
Many bad things started as great ideas.

MoonLive (Author) Commented:
Predrag Jovic, thanks again!!! Can I create a rule so that just a few hosts access the Router 2 Internet?
You can do almost whatever you want with PBR. Selecting a few hosts and forwarding that traffic is not a problem; just give static IP addresses to those hosts and configure PBR correctly. You also need to deny local traffic first, even with just a few hosts.
But, anyway, you should start learning to implement QoS; you'll need it very soon.

To correct myself, you already need it.
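
The PBR setup described in the two posts above (deny local 10.x.x.x traffic first, then send a few static-IP hosts to another gateway), sketched as Cisco IOS configuration for Router 3. This is an added example, not configuration posted in the thread; the interface type, the host and next-hop addresses, and the names PBR-INET and PBR-TO-R2 are assumptions.

```cisco
! Added example for Router 3. All addresses and names are assumed placeholders.
! 10.3.1.10 / 10.3.1.11 : the few LAN hosts (static IPs) that should use Router 2 for Internet
! 10.0.2.1              : Router 2's address on the 0/0 (inter-site) link, reachable from Router 3
!
ip access-list extended PBR-INET
 remark Local (inter-site) destinations are never policy-routed
 deny   ip any 10.0.0.0 0.255.255.255
 remark Only these hosts are selected; everything else uses the routing table
 permit ip host 10.3.1.10 any
 permit ip host 10.3.1.11 any
!
route-map PBR-TO-R2 permit 10
 match ip address PBR-INET
 set ip next-hop 10.0.2.1
!
! Apply on the incoming (LAN) interface, as described in the thread.
! Interface type is assumed; the thread only gives the numbering 0/0 and 0/1.
interface GigabitEthernet0/1
 ip policy route-map PBR-TO-R2
```

Packets hit by the ACL's deny line, or by its implicit deny, do not match the route-map and are forwarded by the normal routing table. `show route-map PBR-TO-R2` and `show ip policy` show the match counters and the interface the policy is applied to.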
MoonLive (Author) Commented:
I tried QoS and I haven't had any luck with it. There always seems to be an issue with internet traffic and file sharing, especially Dropbox, streaming video, video chatting, and Office 365. Moreover, we are starting to use Skype for all our meetings. 20mb seems to be getting smaller and smaller. Do you have any ideas?
For a beginning: Skype - bad idea. Did you hear about the Skype supernode?
At least you should disable that nasty bugger...
In fact - read this one - it can help you a lot.
Lync does not sound like a bad idea anymore, even if you need to pay for it.

For QoS to be implemented properly you need to know exactly what you want to prioritize, mark the traffic, and do end-to-end QoS in your case.
There is no fast solution for this one, each network is different.
Supernode registry settings
If you have Active Domain in your network you should create a policy to add registry settings that will disable Skype SuperNode on every device. Otherwise, Skype uses you for some purposes (and eats your bandwidth) while you are using Skype.
Or you can save this in a .txt file, change the extension to .reg and run it on every PC with Skype.
Windows Registry Editor Version 5.00


But, this is just the beginning.
Ernie Beek (Expert) Commented:
@Predrag: Interesting comments, good read mate!
MoonLive (Author) Commented:
Predrag Jovic, thanks for your input. I am aware of it; I am going to verify with Microsoft about the Supernode. We are using Skype for Business 2016 and have many Mac users. Lync for Mac is useless and we have to use the Skype for Business web app, which works well. That makes me more concerned about bandwidth. As for the question about QoS for Skype, I may be applying the policy incorrectly. Does the policy need to be applied on every router facing inside (LAN)?
MoonLive (Author) Commented:
I confirmed with Microsoft that Skype for Business is not using supernode. Per Predrag Jovic, I would stay out of the complexity of routing Internet traffic to another source. Thanks to all of you out there.
Thanks :)

I did not know that it was Skype for Business, since only Skype was mentioned in the post. QoS should be implemented on every router and switch (every port) in your network (end-to-end QoS).

And also, I did not want to discourage you; I was just pointing out the pitfalls that you are facing in your task.
MoonLive (Author) Commented:
PredragJovic, you didn't discourage me. It is good information and I don't want it too complicated. A one-man job can't do so much. Do all switches need to have QoS applied on every port?
Yes, you don't want a Skype call to have equal priority to data transfer. Voice traffic should have higher priority than other types of traffic everywhere from the port to the WAN (especially if you have MetroE). It is not just a question of traffic type priority; queue size can also turn out to be a problem. A big data chunk can enter the queue and there will be no place for voice traffic until those packets are sent, even if voice has higher priority, etc...