Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
725
Views
0
Helpful
10
Replies

Multiple Internet Access Points in Different Regional Offices

Go to solution
dmpeter666
Level 1
Level 1

‎06-14-2017 05:54 AM - edited ‎03-05-2019 08:42 AM

I have 5 regional offices and an HQ office. Right now all traffic comes through HQ via bgp for internet access, I have an overload statement for natting since it is on a sub interface, and HQ access uses the VPLS address to our public address. I have an internet access point in 1 regional office that I cant get other regional offices to see or to route traffic out of, also I cant even get traffic from that office out of that sub interface, it comes through are HQ office.

I have tried the overload statement in that regional office but traffic will not go anywhere. I tried all traffic using a ip route statement but same result. It may be bgp, our isp has everything hardcode so we can not manipulate our bgp commands. We do advertise that subnet to come to HQ.

If anyone has any information or has run into the same problem please let me know.

I will provide configs.

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Julio E. Moisa
VIP Alumni
VIP Alumni
In response to dmpeter666

‎06-20-2017 04:56 AM

Hi

Thank you for the update, good to know it was fixed.

Have a great day

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

View solution in original post

0 Helpful
10 Replies 10

Go to solution
Julio E. Moisa
VIP Alumni
VIP Alumni

‎06-14-2017 07:01 AM

Hi 

Please correct me but you want to manipulate the traffic of Internet to get it locally, BGP is advertising a default route, a local default route should be preferred over BGP (AD: 1 over eBGP 20 / iBGP 200) . Now if it is not working (for any reason) your could use route-maps / set ip next hop to manipulate the traffic. Could you please share your topology and configuration / show ip route on the branch?

Thank you 




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
dmpeter666
Level 1
Level 1
In response to Julio E. Moisa

‎06-14-2017 07:17 AM

I will modify the config tomorrow morning and then post it. If I modify it now they will lose internet connectivity.

Thanks for the response.

0 Helpful

Go to solution
Julio E. Moisa
VIP Alumni
VIP Alumni
In response to dmpeter666

‎06-14-2017 07:34 AM

That sounds good, please keep me posted. If your are going to use the local internet access for that specific brand remember to verify the NAT as well. The rest of the branches will still using the HQ internet access. 

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
dmpeter666
Level 1
Level 1
In response to Julio E. Moisa

‎06-15-2017 05:17 AM

Here is my config. Also the local subnet for that officeuses 172.16.x.x/25.

Thanks again.

Preview file
5 KB
0 Helpful

Go to solution
Julio E. Moisa
VIP Alumni
VIP Alumni
In response to dmpeter666

‎06-15-2017 06:43 AM

Thank you, please let me take a look to the file and share may findings. 




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
Julio E. Moisa
VIP Alumni
VIP Alumni
In response to Julio E. Moisa

‎06-15-2017 06:56 AM

Hi

If this router is a branch and it has a local internet access, your config looks fine, you need to configure a default route:

ip route 0.0.0.0 0.0.0.0 <next hop IP 'ISP' router>

or 

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/1.2

Please see the attachment, it is my understanding. Just the Branch 3 will use the local internet access. 

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
Preview file
26 KB
0 Helpful

Go to solution
dmpeter666
Level 1
Level 1
In response to Julio E. Moisa

‎06-15-2017 07:16 AM

Yes. Thank you and I will try that in the morning again.

Thanks again.

0 Helpful

Go to solution
Julio E. Moisa
VIP Alumni
VIP Alumni
In response to dmpeter666

‎06-15-2017 07:27 AM

Thank you, please keep me posted, I saw you have configured the ip nat inside on a sub interface, I dont know about your entire network but remember to configure the ip nat inside under the interfaces where the local private networks are known to get Internet access.

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
dmpeter666
Level 1
Level 1
In response to Julio E. Moisa

‎06-20-2017 03:25 AM

Thanks again. I just had the inside nat in the wrong place. Instead of having it on VPN sub interface I needed it on the main interface.

0 Helpful

Go to solution
Julio E. Moisa
VIP Alumni
VIP Alumni
In response to dmpeter666

‎06-20-2017 04:56 AM

Hi

Thank you for the update, good to know it was fixed.

Have a great day

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful
Customers Also Viewed These Support Documents