Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
405
Views
4
Helpful
1
Replies

Help with network design for school wan

asaykao73
Level 1
Level 1

‎06-14-2009 02:30 PM - edited ‎03-04-2019 05:07 AM

Hi There,

I'm not entirely sure about what solutions are available for this design. Any guidance would be greatly appreciated.

[school wan] ---> [3560G] --> (P1_7606) [MPLS Cloud] (P2_7606) --> WWW

The school wan encompasses a number of schools. They want to use us (the service provider) for Internet traffic but have all school traffic not go beyond the Cisco 3560G switch unless it's Internet traffic.

My Manager suggested we create a "virtual router" for them - by this I wasn't sure if he meant that we use vrf-lite or if we set them up on our MPLS network.

Are we best to we use vrf-lite and create a vrf locally on the 3560G and establish some route leaking for internet traffic or do we encompass them into our MPLS network (not sure which way is better). We run a mixture IP and MPLS within our core network if that helps. Or is there a better solution out there?

Thanks.

Andy

Labels:
0 Helpful
1 Reply 1

Edison Ortiz
Hall of Fame
Hall of Fame

‎06-14-2009 02:55 PM

How about outbound filtering on the school private subnet with a permit ip any any at the end of the ACL?

For instance, school private subnet 10/8

ip access-list extended INTERNET

deny ip any 10.0.0.0 0.255.255.255

permit ip any any

interface fx/x or svi x/x

ip access-group INTERNET out

__

Edison.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card