11-27-2003 10:00 AM - edited 03-02-2019 12:00 PM
Hi
I have 2 companies on our Wide area network.
They all come into the same core network.
The problem I am trying to solve is that we have
got a default route pointing to our firewall for all internet traffic.
I need the the 2 companiees to use there own seperate internet connections.
I created a route map to point all traffic from source 10.99.0.0 to go to next hop 10.99.7.253
which is a 3550 switch.The 3550 switch is in turn connected to there core layer 3 extreme switch.
I setup anothe route map on the 3550 pointing the traffic to there extreme switch so that the extreme switch can route the traffic onto its deafult route and there internet circuit.....
The route map on our core router is
ip access-list extended TQ3-Internet
deny ip 10.99.0.0 0.0.255.255 57.8.0.0 0.0.255.255
permit ip 10.99.0.0 0.0.255.255 any log
route-map TQ3 permit 15
match ip address TQ3-Internet
set ip next-hop 10.99.7.253
and the route map on the 3550 switch is
access-list 151 permit ip 10.99.0.0 0.0.255.255 any
route-map TQ3 permit 15
match ip address 151
set ip next-hop 10.99.7.254
where 10.99.7.254 is there extreme switch.
I could not apply my route map to the fastethernet interface on the 3550 switch.it wont let me.
The first route map on our core router is applied to the fastethernet interfaces.
My config is not working as the 2 companies are still using the default route in our core as for there internet access.Only the one company needs to use that.I cant seem to find a way to have 2 default routes for 2 differentg companies so that I can seperate the 2.
Any advice or help would be much appreciated.
11-27-2003 06:55 PM
You apply the Route-map on to the ingress Layer 3 interface (Either VLAN interface or Fast Ethernet/Gig) on 3550.
you can configure the Fast ethernet0/0 as Layer 3 interface,as following.
(Config-T)#
(Config-T)#Inteface FastEthernet0/0
(Config-T-IF)#"no switch port "
(Config-T-IF)#exit
Pls refer the URL for more info.
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1216ea1/3550scg/swint.htm#xtocid2266925
11-28-2003 01:01 AM
Hi
Thanks..
I am trying to apply the route-map to the interface and it wont let me.It is usually ip policy route-map.
The command is not there even when i make the port a no switchport.I also tried it on the vlan interfacce but it wont take the command.How do I apply my route-map on a 3550.
Cheers
11-28-2003 02:15 AM
FYI,
" set ip next-hop ip-address " is an unsupported command on latest releases on 3550. Please check the link
Regarding your design, why dont you try to keep the seperate customers traffic in their own VLANS and subnets and have appropriate default-gateways setup so you wont need policy routing.
11-28-2003 03:32 AM
Then this must be the problem with IOS version.
Pls check your IOS image version.
You may be using SMI (Standard Multilayer Image) version, for PBR you require EMI (Enhanced Multilayer Image)version
11-28-2003 05:47 AM
Hi
I am using EMI IOS.
c3550-i5q3l2-mz.121-11.EA1a.bin
12-04-2003 08:44 AM
Hi
Can anyone shed some light here.
I still cant get it working.
The 2 companies use 2 different source ip ranges....
the one is 10.98.0.0 and the other is 10.99.0.0
Both these networks sit on the same IP ADSL wan...
So they both have the same route onto our core router....When the traffic hits our core router I have got a default route for any internet traffic pointing to our firewall whcih is ip route 0.0.0.0 0.0.0.0 10.98.7.250.
This internet route should be used for the traffic coming from 10.98.x.x and not 10.99.x.x.
The 10.99.x.x needs to go 3 hops to get to there
internet firewall.the problem I have is getting that traffic to go to that device.The 3rd hop is a 3550 switch and this switch does not support certain route-map commands.I cant seem do find out how to point the traffic from the 3550 switch to the next hop.....
Any advice would be appreciated.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide