09-23-2008 01:42 AM - edited 03-03-2019 11:39 PM
Hi there.
The scenario is the one shown in the .doc
The ideia is to forward all the internet traffic through dialer 2 and the vpn traffic through dialer 3
How can I do that? I tried with route maps, but it didn't work. The route-maps are still shown in the router config, but they aren't applied to any interface
In attachement i send the scneario, and two config files
Thanks in advance
09-23-2008 11:51 AM
Hello Tiago,
on the router 2811
have a preferred default route via dialer2 and a backup one via dialer3.
ip route 0.0.0.0 0.0.0.0 dialer2
ip route 0.0.0.0 0.0.0.0 dialer3 200
then you need to perform NAT using a route-map with two blocks
all IPSEC related traffic has to be mapped to dialer3
route-map selective-NAT permit 10
match ip address 121
route-map selective-NAT permit 20
match ip address 122
access-list 121 permit udp any any eq 500
access-list 121 permit udp any eq 500 any
access-list 121 permit ah any any
access-list 121 permit esp any any
! example let's suppose net 10/8 is to be NATTED
access-list 122 permit 10.0.0.0 0.255.255.255 any
see the following link
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093fca.shtml
Hope to help
Giuseppe
09-24-2008 07:09 AM
Hi there!
There must be something missing.
I've tried your ideia, but as soon as i insert the default route to dialer 2, the vpn's stop working.
What is missing me? By the way, i applied the route maps to the fast ethernet (inside) interface of the router. Is this correct?
And also, i've added the match interface in the route-maps.
Is there anything missing me?
Thanks
09-24-2008 08:05 AM
Hello Tiago,
the route-maps are not to be applied at the interfaces but used by NAT
ip nat source inside route-map x ....
see in the document in the link in my first post
Hope to help
Giuseppe
09-24-2008 08:16 AM
oh, ok.
But what will be the rest of the ip nat inside command? I will nat it to dialer 2 or dialer 3? with or without overload?
which of these will work?
ip nat inside source route-map x interface dialer 2
ip nat inside source route-map x interface dialer 2 overload
ip nat inside source route-map x interface dialer 3
ip nat inside source route-map x interface dialer 3 overload
???
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide