Hello everyone and thanks for reading!
We have several locations all across the southeast. Our locations are joined by an MPLS/DMVPN network using different ISPs. Corporate has the company wide internet access, in other words, ALL INTERNET traffic comes across the MPLS into corporate out to the world and back through corporate again.
We have (in most locations) CISCO IP phones 7945, CISCO 2911/2901 routers and CISCO 2960/3560 PoE switches.
All such phones talk to the CALL MANAGER server located at corporate. The phones travel on VLAN100, our data goes on VLAN1 to VLAN95 (depending on location) we use a class A INTERNAL IP schema and an ASA here at corporate as firewall/gateway.
How can we make, on any given location, the routers to go out DIRECTLY onto THE WEB and supply internet locally while also connecting the private network, phones, etc?
If someone needs any specific information, I'd be more than glad to provide it. I just didn't want to add too much and confuse the point of the question.
Sounds like you need to look into rolling out Policy Based Routing at each site. Assign traffic based on subnets (or type of traffic) to use a particular interface, be it a GRE tunnel, VPN, whatever.. Anything else will travel out of the default gateway which would be the interface to the local ISP. This is a very basic description, so no doubt you will need to look into how your network is mapped to see what will work for you.
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Complexity would be depend on how you use the default route. Assuming all internal address blocks don't require default route, your local branches to route default to their local Internet.
Thanks for your replies!
I wasn't specific because we have different sites on different states with different carriers. Indeed it will take effort and research to find the best solution for each specific site. But thanks for your comments, it points me in the right direcction!
Have a pleasant day!