Static routing a public address!

doohderdoohder Member Posts: 4 ■□□□□□□□□□
Ok here is what I have I have a internal network of 10.x.x.x and I need to route a leased ip address to a wireless system that our ISP manages for us. I have a picture to represent the path I want the wireless system to go.wirelessrouting.jpg
well basically im centralizing all the hotels right now. Here is the way it currently is setup
WirelessCurrently.jpg
Right now PLP and GrandRios are linked together VPN. I am getting ride of that and put in true point to points in each location and have load balanced t1's out of PLP. The internal users I have going through the ISA server/SNAT to get them out in the internet I have all that going through RIPv1 and set gateway of last resort as 10.1.0.10 which is the ISA server. Now I am tryin to make a static route for the wireless system out to the ISP. Any suggestions with out affecting the gateway of last resort would be great! the reason for feeding the wireless system out the way it is cuz I don't want the wireless people to be restricted by a firewall. Nor be part of our internal network.

Comments

  • bones0145bones0145 Member Posts: 12 ■□□□□□□□□□
    the way i would do that IF i didn't want traffic to go through the firewall (i'm not going to ask why) is to make an ACL to stop traffic going out on the port the firewall is on for the 216 network on the plp router,

    but you probably have the cost for the routeing protocol set to make traffic go through the firewall......

    i'm pretty sure with the brillance of cisco the router will know to forward the pack out the seconday interface if the primary route is denying it. not positive about that though.
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    I dont see exactly what your asking help in? You have decided to create static routes so create afew static routes and thats it?
    Will all the hotels have the same wireless setup therefore it might be alot of statis routes?
    Since you havent given us full details on your addressing scheme its impossible for me to say if you have an address problem.
    Why are you using RIPv1? You will not be able to run the 216.x.x network in RIP as its discontiguos.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • doohderdoohder Member Posts: 4 ■□□□□□□□□□
    I am using RIP cuz it was eazy and quick to get up and running with the ISA the RIP broadcast don't take much overhead from the use of the T1 lines. I just want to make static routes for 216.x.x.x cuz the ISP says that the wireless system must still have a public address I am just having problems static routing that one 216.x.x.x address.
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    My advice would be firstly if you want to stick with rip,use ripv2.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • doohderdoohder Member Posts: 4 ■□□□□□□□□□
    I could swtich over to RIPv2 if it is going to be eaiser. right now the GrandRios is just a spare router I have connected to PLP router through a T1 crossover cable. So as of right now the PLP router is only for the point to points comming into it. so basically the PLP and GrandRios are just in test phase right now. I have gotten the ISA in and implemented and got the a test user behind the GrandRios router through the ISA on the Internet. By setting up ip route 0.0.0.0 0.0.0.0 10.1.0.10 which is the isa and it puts a gateway of last resort to the ISA other then that...thats kinda where im at lost!!!!
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    The way to allow the wireless to access the internet without going through the firewall is by creating a route map.
    So on your PLP router you will need to do the following.

    access-list 100 permit ip 216.x.x.x 0.0.0.255 any "use the correct mask"

    int s0
    ip address 10.2.1.1 255.?.?.?
    ip policy route-map wireless

    #route-map wireless permit 10
    match ip address 100
    set ip next-hop 10.5.0.2
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
Sign In or Register to comment.