10-28-2014 07:36 PM
Hi,
I have 2 x Cisco 887 routers both using ADSL2+.
I want to send all traffic through one router apart from RDP traffic, which I want to route through the second router (see attached jpg).
I want the first router to be the Default Gateway for all the clients.
Can someone help me with the routing configuration?
Thanks a lot
10-29-2014 07:28 AM
Hi Mintola1976,
You would apply a PBR (Policy-Based Routing). In my example, I would assume that the default gateway router interface connected to that LAN is Vlan1.
1) Define an access list for matching the interested traffic from your LAN towards any RDP:

access-list 110 permit tcp any any eq 3389

2) Define the route map:

route-map REROUTE-RDP permit 10
 match ip address 110
 set ip next-hop 172.21.21.253

3) Apply the route map on the interface:

interface vlan1
 ip policy route-map REROUTE-RDP

To verify if the policy is working or not, you would use the command "deb ip policy".
Regards,
Aref
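The configuration from the answer above with a reachability check on the next hop, as an added example that is not part of the original thread or Aref's own configuration. It assumes Vlan1 is the LAN interface and 172.21.21.253 is the second router, as in the answer; the SLA and track object numbers (1) are arbitrary choices. Without the check, RDP traffic keeps being sent to 172.21.21.253 even when that router is down.

```cisco
! Added example. Assumptions: Vlan1 = LAN interface, 172.21.21.253 = second
! router (both taken from the answer above); SLA/track number 1 is arbitrary.
!
! Probe the second router's LAN address every 10 seconds.
ip sla 1
 icmp-echo 172.21.21.253 source-interface Vlan1
 frequency 10
ip sla schedule 1 life forever start-time now
!
! Track object that follows the probe result.
track 1 ip sla 1 reachability
!
! Same match as in the answer: any TCP traffic to port 3389.
access-list 110 permit tcp any any eq 3389
!
! Policy-route RDP to the second router only while track 1 is up.
! When the probe fails, matching packets fall back to the normal
! routing table, i.e. the gateway router's own ADSL link.
route-map REROUTE-RDP permit 10
 match ip address 110
 set ip next-hop verify-availability 172.21.21.253 1 track 1
!
interface Vlan1
 ip policy route-map REROUTE-RDP
!
end
!
! Verification from exec mode, without leaving debugging enabled:
! state of the probe-backed track object
show track 1
! route map contents and its policy routing match counters
show route-map REROUTE-RDP
! which interfaces have a policy route map applied
show ip policy
! per-entry hit counts for the RDP match
show access-lists 110
```

The probe only confirms that the second router answers on the LAN; it does not detect a failure of that router's ADSL link.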
10-29-2014 05:52 PM
Hi Aref,
Thanks so much for this.
Regarding the second router on 172.21.21.253, how would I best connect that to the gateway router?
Would I directly attach from Cisco to Cisco, or connect it to the switch on its VLAN1 interface?
Also, would I need to set up NAT on the second router and configure PAT to forward 3389 to the first Cisco?
Thank you
10-29-2014 08:03 PM
You are very welcome Mintola.
I would connect them directly. Assuming that you already have NAT enabled on the RDP router, you would not have to apply any particular NAT for RDP traffic, since that traffic would be NATed based on the NAT rule already applied on the RDP router, and it would come back without any problem unless you have an access list applied in the inbound direction on the dialer interface that would block it. So no, you don't have to do any port forwarding. Port forwarding or static NAT would have been needed in case you were to enable traffic from outside towards inside destined to RDP.
Regards,
Aref
11-02-2014 01:51 PM
Thanks Aref, you are a great help.
Just regarding the connection from the gateway router to the RDP router, would I just create VLAN1 (172.21.21.253) on the RDP router and plug a cable from eth1 on the gateway router to eth0 on the gateway router?
Would that enable the Gateway router to pass traffic through the RDP router?
Thanks
11-02-2014 02:10 PM
Thank you, I really appreciate your kind words.
Yes, that would be enough, assuming you have all the other routing configuration set correctly towards the ISP. In other words, both of the routers can be on the same LAN, with different IP addresses obviously. That's it.
Regards,
Aref