04-01-2009 09:01 AM - edited 03-11-2019 08:13 AM
please is it possible to configure 2 default route in a router?
04-01-2009 09:04 AM
Habib
Yes it is perfectly possible to have 2 default routes on a router. The router will load-balance across the 2 routes (providing it does not find a more specific route in the routing table).
Jon
04-01-2009 09:45 AM
Thank you Jon for your answer,
in the attached file, you have the architecture of my network:
-R1 connects the other branches to the HQ via MPLS and those branhes go to the internet trhough R1 (in R1 I have 2 interfaces dialer: dialer0 for internet access and dialer1 for MPLS)
-R2 connects the HQ to the internet
But now I want that all my internet traffic passes trougth ASA and for that, I want to shutdown dialer0 in R1 and configure in it a second default route towards ASA.
please I want to know if this would work.
Thank you
04-01-2009 09:47 AM
Habib
Unfortunately can't read visio files, can you post as a .jpg/.png
Jon
04-01-2009 10:11 AM
04-01-2009 11:08 AM
So what does the first default-route on R1 point to ?
Jon
04-02-2009 12:58 AM
Hi Mr Jon,
the first default-route on R1 point to dialer0.
Now I have to ISP, the first one is connectected trough R1 and the second one trough R2, I want to cancel the contract with the first one (contract of internet provider but maintain the contract of MPLS because I am using its infrastructure for MPLS) and maintain the second ISP for internet access.
Thank you, and il will please to read you.
Regards
04-02-2009 07:40 AM
Habib
Okay 2 default-routes won't work because the router will not know whether to send the packet via MPLS or to the internet.
So
1) the default-route must be used for Internet traffic because the destination address could be anything -
ip route 0.0.0.0 0.0.0.0
2) You will need more specific routes for your branch networks that are reachable via MPLS. So on R1 you would need to add routes for all branch networks eg.
ip route 192.168.5.0 255.255.255.0
etc...
If you have summarised your network hopefully there won't be too many entries.
Jon
04-02-2009 09:34 AM
Thank you very much for your answer
In R1 I have have already add routes to all my branch networks and those routes are like this:
ip route 172.16.2.0 255.255.255.0 dialer1
ip route 172.16.3.0 255.255.255.0 dialer1
etc...
In R1, I will disable the existing default route which is:
ip route 0.0.0.0 0.0.0.0 dialer0
and replace it by
ip route 0.0.0.0 0.0.0.0
I will get you know.
Regards
04-02-2009 04:12 PM
Habib
No problem, let me know how you get on.
Jon
04-04-2009 05:29 AM
hi M. Jon
I changed the default route in R1, and from R1 I reach the DNS of the second ISP trough R2, but when I log in the router of one of my branches I did'nt reach that DNS consequently the computers behind this router don't get access in the internet, please help me to solve this problem.
int the ASA, I have built these dynamics NAT
nat (inside) 1 network_address_branch_1
nat (inside) 1 network_address_branch_2
etc...
global (outside) 1 x.x.x.y - x.x.x.z
regards
04-05-2009 06:07 PM
hi habib,
are x.x.x.y-x.x.x.z your public IPs? Where r u translating for Internet access? How many Public IP addresses do you have for internet?
In the above configuration if you are specifying public IP in global(outside). Only z-y inside host will be able to access internet.
So, could you please clear, where r u translating for internet access in router R2 or ASA outside interface.
04-06-2009 12:05 AM
hi roshan
I have one public address for internet and the translation for internet is made on R2.
Rgards
04-06-2009 05:22 AM
Hi Habib,
I have pasted sample configuration that resembles your network.
! The following are the assumption with IP addresses
! Router R2 [fa0/0]internet address=192.168.10.2 and gateway address=192.168.10.1
! Branch Networks: Branch_A =172.22.10.0/24, Branch_B=172.22.15.0/24
! R2 inside address: 172.16.10.1
! ASA outside address: 172.16.10.2, inside addresss: 172.16.20.1
! Router R1 inside address 172.16.20.2,
!
!=================================================================
! R2 configuration
ip route 0.0.0.0 0.0.0.0 192.168.10.1
ip route 172.22.0.0 255.255.0.0 172.16.10.2
ip route 172.16.20.0 255.255.255.0 172.16.10.2
!
ip access-list extended internet_access
permit ip 172.22.10.0 0.0.0.255 any
permit ip 172.22.15.0 0.0.0.255 any
!
ip nat inside source list internet_access interface fastethernet 0/0 overload
ip nat inside source static 172.16.15.20 192.168.10.20
!
===============================================================
!
! ASA configuration : assuming nat-control is enabled
!
!
no nat-control
!
route outside 0.0.0.0 0.0.0.0 172.16.10.1
route inside 172.22.0.0 255.255.0.0 172.16.20.2
!
!
====================================================================
!
! R1 configuration
!
!
ip route 172.22.0.0 255.255.0.0 dialer1
ip route 0.0.0.0 0.0.0.0 172.16.20.1
!
!
==================================================================
04-06-2009 07:10 AM
thank you M. Roshan, thank you for your answer, I will try to apply ur sample configuration and let u know; but I also want to controled internet access on my ASA (not all computers have access to the internet), between R2 and ASA I have this network 172.16.254.0/24 which can permit me to do static nat on ASA for computers which have access to the internet, does this configuration work?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide