05-22-2017 04:40 AM
Buen dia
necesito una ayuda urgente, tengo dos proveedores de enlaces vodafone y telefonica, actualmente tengo configurado mi Firewall que todo lo que vengan de la 192.168.0.0 vaya hacia movistar, pero necesito hacer una migracion de proveedor, y quiero ir migrando los ordenadores uno a uno a vodafone, pero no lo logro, les envio la configuracion mas o menos que he echo, hice un resumen de mas o menos como la tengo, quiero sera capaz de decirle que el ordenador con ip 192.168.229.4 salga por vodafone, e ir pudiendo agregar cada vez mas, agredezco su ayuda
nameif ethernet0 outside (Movistar) security0
nameif ethernet1 inside security100
nameif ethernet2 vodafone security0
name 192.168.180.2 Servidor
name 192.168.181.3 Ordenador M
name 192.168.229.4 Ordenador V
object-group network GRUPO_SERVIDORES
network-object Servidor 255.255.255.255
object-group network GRUPO_ORDENADOR_MOVISTAR
network-object Ordenador_M 255.255.255.255
object-group network GRUPO_ORDENADOR_VODAFONE
network-object Ordenador_V 255.255.255.255
access-list IN permit icmp any any
access-list IN permit udp any any
access-list IN permit tcp object-group GRUPO_SERVIDORES object-group GRUPO_ORDENADOR_MOVISTAR
access-list IN permit tcp object-group GRUPO_SERVIDORES object-group GRUPO_ORDENADOR_VODAFONE
access-list OUT permit icmp any any
access-list OUT permit tcp object-group GRUPO_ORDENADOR_MOVISTAR host ntps
access-list OUT permit tcp object-group GRUPO_ORDENADOR_MOVISTAR object-group GRUPO_SERVIDORES
access-list OUT_VODAFONE permit icmp any any
access-list OUT_VODAFONE permit tcp object-group GRUPO_ORDENADOR_VODAFONE host ntps
access-list OUT_VODAFONE permit tcp object-group GRUPO_ORDENADOR_VODAFONE object-group GRUPO_SERVIDORES
pager lines 24
mtu outside (MOVISTAR) 1500
mtu inside 1500
mtu vodafone 1500
ip address outside (MOVISTAR) 192.168.255.3 255.255.255.0
ip address inside 10.20.20.3 255.255.255.0
ip address vodafone 192.168.229.3 255.255.255.0
pdm group GRUPO_ORDENADOR_MOVISTAR outside
pdm group GRUPO_SERVIDORES inside
pdm group GRUPO_ORDENADOR_VODAFONE vodafone
pdm logging informational 100
no pdm history enable
arp timeout 14400
global (outside(MOVISTAR)) 1 interface
global (vodafone) 1 interface
static (inside,outside(MOVISTAR)) Servidor Servidor netmask 255.255.255.255 0 0
access-group OUT in interface outside(MOVISTAR)
access-group IN in interface inside
access-group OUT_VODAFONE in interface vodafone
route inside 10.0.0.0 255.240.0.0 10.20.20.1 1
route inside 10.20.0 255.255.0.0 10.20.20.1 1
route outside (MOVISTAR) 192.168.0.0 255.255.0.0 192.168.255.1(IP ROUTER MOVISTAR) 1
route vodafone 192.168.0.0 255.255.0.0 192.168.229.1(IP ROUTER VODAFONE) 2
timeout xlate 3:00:00
05-29-2017 01:35 PM
Translation:
good day I need an urgent help, I have two providers of vodafone and telephone links, I currently have configured my Firewall that everything that comes from the 192.168.0.0 goes to movistar, but I need to do a provider migration, and I want to go migrating the computers one by one To vodafone, but I do not succeed, I send the configuration more or less than I have done, I did a summary of more or less as I have it, I want to be able to tell you that the computer with ip 192.168.229.4 exits via vodafone, Add more and more, I encourage your help Nameif ethernet0 outside (Movistar) security0 Nameif ethernet1 inside security100 Nameif ethernet2 vodafone security0 Name 192.168.180.2 Server Name 192.168.181.3 Computer M Name 192.168.229.4 Computer V Object-group network SERVER_GROUP Network-object Server 255.255.255.255 Object-group network GRUPO_ORDENADOR_MOVISTAR Network-object Computer_M 255.255.255.255 Object-group network GRUPO_ORDENADOR_VODAFONE Network-object Computer -V 255.255.255.255 Access-list IN allow icmp any any Access-list IN allow udp any any Access-list IN allow tcp object-group SERVER_GROUP object-group GRUPO_ORDER_MOVISTAR Access-list IN allow tcp object-group SERVER_GROUP object-group CREATOR_ORDER_GROUP Access-list OUT allow icmp any any Access-list OUT allow tcp object-group GROUP_ORDER_MOVISTAR host ntps Access-list OUT allow tcp object-group GROUP_ORDER_MOVISTAR object-group SERVER_Group Access-list OUT_VODAFONE allow icmp any any Access-list OUT_VODAFONE allow tcp object-group host_name hostname ntps Access-list OUT_VODAFONE allow tcp object-group CREATE_VIDEUFORD group object-group CREATE_GIF Pager lines 24 Mtu outside (MOVISTAR) 1500 Mtu inside 1500 Mtu vodafone 1500 Ip address outside (MOVISTAR) 192.168.255.3 255.255.255.0 Ip address inside 10.20.20.3 255.255.255.0 Ip address vodafone 192.168.229.3 255.255.255.0 Pdm group GRUPO_ORDENADOR_MOVISTAR outside Pdm group SERVER_group inside Pdm group GRUPO_ORDENADOR_VODAFONE vodafone Pdm logging informational 100 No pdm history enable Arp timeout 14400 Global (outside (MOVISTAR)) 1 interface Global (vodafone) 1 interface Static (inside, outside (MOVISTAR)) Server Netmask Server 255.255.255.255 0 0 Access-group OUT in interface outside (MOVISTAR) Access-group IN in interface inside Access-group OUT_VODAFONE in vodafone interface Route inside 10.0.0.0 255.240.0.0 10.20.20.1 1 Route inside 10.20.0 255.255.0.0 10.20.20.1 1 Route outside (MOVISTAR) 192.168.0.0 255.255.0.0 192.168.255.1 (IP ROUTER MOVISTAR) 1 Route vodafone 192.168.0.0 255.255.0.0 192.168.229.1 (IP ROUTER VODAFONE) 2 Xlate timeout 3:00:00
05-29-2017 01:37 PM
I recommend you post this to the Cisco Support Community for more information and feedback from technical support experts.
https://supportforums.cisco.com/
I hope this helps.
Kelli Glass
Moderator for Cisco Customer Communities
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide