1 router, 2 gateways

Discussion in 'Cisco' started by psychogenic, Jun 7, 2006.

  1. psychogenic

    psychogenic Guest

    Is there a way I can route specific traffic to go to one firewall and
    everything else to go to another firewall? Like this diagram below:

    remote site
        ||
    vpn tunnel
        ||       internet
        ||          |
      PIX501      PIX501
         \         /
          \       /
           \     /
         Cisco 2600
             |
             |
            LAN

    Thanks.
    psychogenic, Jun 7, 2006
    #1

  2. On 07.06.2006 16:47 psychogenic wrote

    > Is there a way I can route specific traffic to go to one firewall and
    > everything else to go to another firewall? Like this diagram below:
    >
    > remote site
    >     ||
    > vpn tunnel
    >     ||       internet
    >     ||          |
    >   PIX501      PIX501
    >      \         /
    >       \       /
    >        \     /
    >      Cisco 2600
    >          |
    >          |
    >         LAN
    >


    Depends on what "specific traffic" is ... if it's just traffic for a
    specific destination you can do this with normal routing techniques. If
    it's source based, you'll need policy based routing (PBR) to do that. If it's
    based on other criteria, I can't see how this can be done.


    --
    Arnold Nipper, AN45
    Arnold Nipper, Jun 7, 2006
    #2

  3. psychogenic

    psychogenic Guest

    Arnold Nipper wrote:
    > On 07.06.2006 16:47 psychogenic wrote
    >
    > > Is there a way I can route specific traffic to go to one firewall and
    > > everything else to go to another firewall? Like this diagram below:
    > >
    > > remote site
    > >     ||
    > > vpn tunnel
    > >     ||       internet
    > >     ||          |
    > >   PIX501      PIX501
    > >      \         /
    > >       \       /
    > >        \     /
    > >      Cisco 2600
    > >          |
    > >          |
    > >         LAN
    > >

    >
    > Depends on what "specific traffic" is ... if it's just traffic for a
    > specific destination you can do this with normal routing techniques. If
    > it's source based, you'll need policy based routing (PBR) to do that. If it's
    > based on other criteria, I can't see how this can be done.
    >
    >
    > --
    > Arnold Nipper, AN45



    I have a vpn tunnel that's currently set up between the pix501 and a
    remote site's router. Basically I want any traffic heading to that
    remote site to go through that pix501 and any other traffic
    (internet) to go through the other pix501. I'm very new to routing so
    am unsure if this requires me to put 2 gateways in the 2600
    router, or how would that work?
    psychogenic, Jun 7, 2006
    #3
  4.
    remote site
        ||
    vpn tunnel
        ||       internet
        ||          |
     PIX501A     PIX501B
         \         /
          \       /
           \     /
         Cisco 2600
             |
             |
            LAN

    Remote Site: 10.5.0.0/16
    LAN: 10.1.0.0/16
    Cisco 2600: 10.1.0.1
    PIX501A: 10.1.0.2
    PIX501B: 10.1.0.3

    On the 2600 you would have:

    ip route 0.0.0.0 0.0.0.0 10.1.0.3
    ip route 10.5.0.0 255.255.0.0 10.1.0.2

    So traffic for the remote Site would go to the PIX501A and all other traffic
    would go to PIX501B.

    This assumes that PIX501A knows that it can pass traffic to Remote Site via
    its VPN Connection to it.


    Scott<-

    Scott Townsend, Jun 7, 2006
    #4
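
An added example, not part of the original posts: the two static routes from the reply above, resolved by longest-prefix match the way the 2600 would pick a next hop, plus an audit that flags any route table in which the remote-site prefix would leave through the internet firewall instead of the VPN firewall. The `VPN_ONLY` policy table and the function names are assumptions made up for this sketch.

```python
import ipaddress

# Static routes from the thread's 2600 config: (prefix, next hop).
ROUTES = [
    ("0.0.0.0/0", "10.1.0.3"),    # default route -> PIX501B (internet)
    ("10.5.0.0/16", "10.1.0.2"),  # remote site   -> PIX501A (VPN tunnel)
]
# Constructed policy for this example: prefix -> next hop it must always use.
VPN_ONLY = {"10.5.0.0/16": "10.1.0.2"}


def next_hop(dest, routes=ROUTES):
    """Return the next hop chosen by longest-prefix match, or None if no route."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None


def audit(routes=ROUTES, policy=VPN_ONLY):
    """Return (policy prefix, offending route, its next hop) for each violation."""
    nets = [(ipaddress.ip_network(p), h) for p, h in routes]
    violations = []
    for prefix, required in policy.items():
        want = ipaddress.ip_network(prefix)
        # The most specific route covering the whole prefix decides its default fate.
        covering = [(n, h) for n, h in nets if want.subnet_of(n)]
        if not covering:
            violations.append((prefix, None, None))
        else:
            n, h = max(covering, key=lambda r: r[0].prefixlen)
            if h != required:
                violations.append((prefix, str(n), h))
        # A more specific route inside the prefix can divert part of it.
        for n, h in nets:
            if n != want and n.subnet_of(want) and h != required:
                violations.append((prefix, str(n), h))
    return violations
```

With the `10.5.0.0/16` route missing, remote-site traffic follows the default route to PIX501B, which is the case `audit` reports.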
  5. psychogenic

    psychogenic Guest

    Actually that looks about right. Yes, the PIX501A should know, because if
    I connect a PC to the PIX501A, the vpn tunnel is up and it can pass
    traffic through.

    psychogenic, Jun 7, 2006
    #5
