routing guest net to separate WAN

jozefvl68 · ‎03-11-2013

I have a cisco 877 connected on the wan side to two different network providers.

On the lan side I have an untagged network on subnet 10.0.0.0 and tagged guest net on 192.168.1.0

currently both are routed out through fastethernet 0 (vlan 1)

I actually want to route the tagged net fastethernet 1 (vlan 3) so I can use different providers.

With the current setup both normal and guest net work with the dhcp pools.

However, when I change the guest dhcp pool to 192.168.2.0 network, I stop getting IP addresses.

ip dhcp pool guest

network 192.168.2.0 255.255.255.0

default-router 192.168.2.1

end

what am I missing?

blau grana · ‎03-15-2013

Hello jozef,

currently both are routed out through fastethernet 0 (vlan 1)

you ment vlan2, vlan 1 is your 10/8 internal network.

I actually want to route the tagged net fastethernet 1 (vlan 3) so I can use different providers.

You have to configure policy based routing for guest network

interface LAN_interface

ip address 192.168.1.0 255.255.255.0

ip policy route-map PBR_MAP

ip access-list extended network_guest

permit ip 192.168.1.0 0.0.0.255 any

deny ip any any

route-map PBR_MAP permit 10

match ip address network_guest

set ip next-hop NEXT_HOP-you_want_to_use

With the current setup both normal and guest net work with the dhcp pools.

However, when I change the guest dhcp pool to 192.168.2.0 network, I stop getting IP addresses.

ip dhcp pool guest

network 192.168.2.0 255.255.255.0

default-router 192.168.2.1

end

what am I missing?

You can not change guest pool just like that.

interface Vlan2

ip address 192.168.1.2 255.255.255.0

interface Vlan3

ip address 192.168.2.2 255.255.255.0

If guest pool is 192.168.1.0/24, users on Vlan2 will obtain IP addresses and users on Vlan3 will not. When you change guest pool to 192.168.2.0/24, users on Vlan3 obtain IP addresses and users on Vlan2 not.

LANnetwork has to match with DHCP pool for DHCP to work on that LAN segment.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

jozefvl68 · ‎03-17-2013

First of all, thanks for your reply.

the command int LAN_interface is not an accepted interface

could you direct me to the correct one? should I make a virtual-access2 instead?

it only accepts the following:

routercisco1(config)#int ?

ATM ATM interface

Async Async interface

BVI Bridge-Group Virtual Interface

CDMA-Ix CDMA Ix interface

CTunnel CTunnel interface

Dialer Dialer interface

FastEthernet FastEthernet IEEE 802.3

Group-Async Async Group interface

Lex Lex interface

Loopback Loopback interface

Multilink Multilink-group interface

Null Null interface

Tunnel Tunnel interface

Vif PGM Multicast Host interface

Virtual-Access Virtual Access interface

Virtual-Dot11Radio Virtual dot11 interface

Virtual-PPP Virtual PPP interface

Virtual-Template Virtual Template interface

Virtual-TokenRing Virtual TokenRing

Vlan Vlan IEEE 802.1q

range interface range command

vmi Virtual Multipoint Interface

routercisco1(config)#int

thanks in advance

blau grana · ‎03-17-2013

Hello Jozef,

Sorry for the confusion.

LAN_interface -> is just alias for your real LAN interface, from information you have provided is not clear which one is it.

So if your LAN interface (Layer 3 interface -> gateway) is for example Vlan 222, you will apply policy-map on this interface.

interface Vlan 222

ip policy route-map PBR_MAP

Policy map which I created is for 192.168.1.0/24 network, so you have to apply that policy map on interface where that network is terminated.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions