Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1123
Views
0
Helpful
8
Replies

2 WANs 1 LAN

d3tonador
Level 1
Level 1

‎08-29-2018 01:03 PM - edited ‎03-05-2019 10:53 AM

Hi All, 

 

Im wondering if someone can help me configure a way to make some IPs go through WAN1 and someothers IPs (from the same LAN) go through WAN2.

I have been trying for long time now with no luck.

Thanks in advance!

 

Best regards,

Labels:
0 Helpful
8 Replies 8

Seb Rupik
VIP Alumni
VIP Alumni

‎08-29-2018 01:09 PM

Hi there,

If it is just a single LAN, then PBR would be the obvious solution. With more LANs maybe VRFs; depends on your topology.

 

What are hardware are you using?

 

cheers,

Seb.

0 Helpful

d3tonador
Level 1
Level 1
In response to Seb Rupik

‎08-30-2018 04:08 AM

Hi Seb, thank you for your prompt response!

Im using a Cisco AS520, this are my routing options:

image.png

 

I did try with routing but still it uses both WANs.

I also tried IPv4 Rules with WAN Alias with no luck.

Any help would be very apreciated!

0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni
In response to d3tonador

‎08-30-2018 06:00 AM

Hello again,

I've never used an SA520 before or any SA for that matter!

But reading through the cnfig guide:

https://www.cisco.com/c/dam/en/us/td/docs/security/multi_function_security/multi_function_security_appliance/sa_500/administration/guide/SA500_AG_OL1911404.pdf

 

..if you configure the 'optional' port a WAN port, you can configure load balancing between the links: page 57

 

...you then need to configure the protocol bindings: page 60

..under this section you can specify a network range, or subnet. So take you single LAN subnet and split it in two. Hopefully the SA won't notice that the range/subnet overlap the same 'connected' LAN subnet.

 

good luck!

 

cheers,

Seb.

0 Helpful

d3tonador
Level 1
Level 1
In response to Seb Rupik

‎08-30-2018 08:22 AM

Hi Seb, 

 

I followed your recomendation but no luck.

here is my configuration:

 

image.png

image.png

image.png

The 2nd hope should be 192.168.36.1 (WAN2).

I checked my ip over the internet, just in case it where related to the protocol but not, it is still showing my ISP WAN1 IP.
What am I missing here?

0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni
In response to d3tonador

‎08-30-2018 08:40 AM

Hmm, How have you specified the source network, as a host? ie 192.168.15.149/32 ?

 

Could you try a source network of 192.168.15.128/25 to send the upper half of the connected /24 via the optional WAN interface?

 

cheers,

Seb.

0 Helpful

d3tonador
Level 1
Level 1
In response to Seb Rupik

‎08-30-2018 09:46 AM

 

not possible, only: Any, Sigle or, Range. im trying with single, to check with mine

image.png

0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni
In response to d3tonador

‎08-30-2018 01:01 PM

From your screenshot it looks like it should be working!

Now we've run out of road with my SA troubleshooting, sorry. :)

 

Perhaps post the question about the optional WAN the the Small Business Security forum:

https://community.cisco.com/t5/small-business-security/bd-p/5901-discussions-small-business-security

 

cheers,

Seb.

0 Helpful

d3tonador
Level 1
Level 1
In response to Seb Rupik

‎08-31-2018 03:28 AM

Thank you Seb!! I'll do that.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card