Am a little confused here. Can the same bandwidth utilized for WAN be also utilized for internet access. A vendor submitted a proposal and is quoting differently for both. I know they are two different services but the client wants both WAN and Internet services. I figured at locations where internet access wants to be denied its a matter of an acl or a policy stmt on the rtr.
Some providers can sell you "MPLS" with local internet hopoff, which means that the "WAN" can be used for both internet and site to site connectivity. (You send all of your traffic to the ISP router, they determine if it is internet or site to site and they send it to the internet for you if neccesary; it's all handled by them in their "cloud")
You can also get MPLS only, which is strictly site to site access. You can then get a separate internet connection, either at the HQ only, and route all sites out using it, or get an internet feed at each site and use PBR or something to send internet traffic out locally and site to site across your MPLS.
There's a million ways to do it. It depends on what you're being quoted. To answer the question you'd need to show us the quote and/or call the vendor to get them to explain exactly what you're buying from them...
Let's say you have 100 sites and a HQ where datacenter is:
You get two lines 1 for internet and 1 for MPLS which will interconnect all sites together through ISPs MPLS cloud.
If sites wanted to go to the internet they would come through WAN (mpls or whatever), ideally hit your proxy/firewall and hit the internet through your internet line, meaning you would need to connect WAN router and INTERNET router together.
Also you can have internet at each site and have some kind of PBR as Andrew mentioned which would say .. if the destination is for www.google.com go thru interface fa0/1 if the destination is for your datacenter server somewhere go through serial 0/0 or whatever you have, but supporting that as sites addup would be a problem.
Get some DSL/CABLE at each site and run some backup connection to HQ like Eigrp through DMPVN and so on.
Hello All, We have Cisco 5545-x & we running SSLVPN anyconnect. when we do tracert 1st hop is showing public of outside interface. we have configure tunnel route toward inside. but when do same think form other firewall it show next hope of ...
Cisco SD-WAN Cloud OnRamp allows you to simplify and secure connectivity to cloud applications and public clouds. Interested in testing out the latest Cisco Cloud OnRamp solutions?
Sign up to try out various use cases with the Cisco SD-WAN Cloud ...
“Use Serviceability Features to Troubleshoot your Cat9K as a Cisco TAC Engineer”
This special event is open only to Cisco Customers and Partners.
Many pages in the Cisco Community are accessible only to Cisco customers, partners, or logged in ...
Cisco Champion Radio · S7|E40 From SD-WAN to SASE: Speed Up and Secure SaaS Internet Apps
The changing global environment has transformed how enterprise users connect to applications. The SASE architecture delivers important networking and securit...
Hi guys,Have a question regarding spanning tree and way its supposed to work when there is a redundant path in fiber daisy-chained switches. Root switch for all vlans is connected via fiber link to the first of the daisy-chained switches. Below is same co...