12-08-2004 08:13 AM - edited 03-02-2019 08:28 PM
I have a Catalyst 4506, running IOS 12.1. I currently have a default route for all traffic to be forwarded to our current internet connection. We are putting in a second internet connection and i would like to have a default gateway to go to the second internet connection for one certain VLAN, and no others. Is this possible and if so how do i go about doing it.
12-08-2004 08:46 AM
You could set up Policy based routing..
Make sure you are running a newer IOS such as 12.2(18)EW2 since we have many PBR bug fixes
Here is an example
First set up access-list to match traffic
access-list 1 permit 129.71.0.0 0.0.255.255
access-list 2 permit 10.0.0.0 0.255.255.255
access-list 3 permit 192.168.0.0 0.0.255.255
Configure route-map statements
route-map students permit 10
match ip address 2
set ip default next-hop 10.1.1.1 <<--First g/w
!
route-map admin permit 20
match ip address 1 3
set ip default next-hop 20.1.1.1 <<--2nd g/w
Then apply these route maps to VLAN interfaces
interface Vlan1
ip address x.x.x.x 255.255.255.0
ip policy route-map students
!
interface Vlan2
ip address x.x.x.x 255.255.255.0
ip policy route-map admin
12-08-2004 10:45 AM
That is exactly what i want to do, my problem is this is a live network and i am setting up this gateway as a test, I want to test our firewall on the network, but not in the live VLAN, is it possible to do the route map without bothering the existing routes?
12-08-2004 01:18 PM
Just create a test vlan and test it there first....
-Bo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide