Two separate network with Hub/Spoke setup

MAKhan · ‎12-15-2004

Hi,

I need to connect 6 sites in Hub/spoke manner; each site contains two separate network which should not share each other resources and even should not ping each other network.

The Central site also have the two server farms one for 192.168.x.x address and one 192.169.x.x network. I am little bit confused because if I enable any routing then both network will be available to all PCs configured to use network A and B.

What should I do in order to separate the both communication as parallel using the 2xE1 to central site with load balancing.

Any idea/explanation/configuration would be highly appreciated.

rais · ‎12-15-2004

You can use null routes at spokes to discard all traffic destined for other networks that should not be accessed. If you are using same router, then you can configure ACLs.

HTH.

MAKhan · ‎12-15-2004

Hello Rais,

Thanks for your reply; can you please briefly explain with some configuration.

Please advice.

Regards

rais · ‎12-16-2004

Suppose you have a site with two netowrks 192.168.1.0 and 192.168.2.0. On the 192.168.1.0 interface install an access-list:

access-list 100 permit 192.168.CENTRALSITE 0.0.0.255 any established

access-list deny any any

Assign it to interface out.

If you have separate routers for the above two networks, then on 192.168.1.0 config:

ip route 192.168.2.0 255.255.255.0 null0

HTH.

MAKhan · ‎12-21-2004

Thanks Rais;

But still I am little bit confused; How should I do it in order to keep separate both network. I enable the TRUNK port (Intervlan routing) with the same access list but i can see and ping the network.; check the attached drawing; and let me know your valuable advice.