Announcement

Collapse
No announcement yet.

Routing all traffic across point to point link.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Routing all traffic across point to point link.

    Hello everyone,


    First time posting on this site and it's a pretty easy question (I think).


    Trying to setup two routers with a Pix behind each of them. I want to set these routers up as the default gateways and route all traffic between them but Web traffic. The PC's then use the Pix's for all internet traffic. Port 80 and 8080 will be forwarded out those devices.


    Now I have done similar setups like this in the past but not for multiple sites. I am pretty sure it's pretty easy to do and just figured I'd ask you guys/gals for some advice. Thanks a bunch for any input!



    Cheers!

    Phil

  • #2
    Re: Routing all traffic across point to point link.

    can you make a simple drawing?
    It talks a little bit easier
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Routing all traffic across point to point link.

      Sure thing.




      Site A Site B
      Point to Point t1
      Pix --- Cisco 2811<------------------------------>Cisco 2811----Pix
      e0 e0 s0 s0 e0 e0


      So imagine this setup with a switch in the mix on both ends as well, if they are layer 3 switches or not, I don't know that yet. Also on the other ends of the Pix's are just some Cisco routers that terminate the Internet T1 at each site. But regardelss, all traffic that's not Web traffic would go over the point to point across the serial links on the Cisco 2811. You know, mail, ftp, etc. etc. etc. All web traffic would go out their own Pix and ultimately those Cisco routers terminating the Internet T1's. I have done similar stuff like this before but it involved putting static routes on the servers. I don't think it's necessary with this setup to do anything like that but I could be wrong. Just wondering what the possible possible configuration would be given the sitaution. I mean adding just static routes aren't enough right? You have to possibly do some sort of internal natting? Again, I could be wrong and it may be way easier than I am thinking. Thanks again!



      Phil

      Comment


      • #4
        Re: Routing all traffic across point to point link.

        Oops, the picture didn't come out quite like planned once posted.


        The point to point separates the Site A and Site B and just move the serial and ethernet interfaces to the proper places. But it's pretty basic, if you want me to draw up a visio i can do that to. Thanks!

        Comment


        • #5
          Re: Routing all traffic across point to point link.

          Hi philsky,

          I am confused - how many Internet connections you have? Here is the diagram I drew...

          If it is wrong, feel free to correct it and repost.

          Thanks,
          David
          Attached Files
          David Davis - Petri Forums Moderator & Video Training Author
          Train Signal - The Global Leader in IT Video Training
          TrainSignalTraining.com - Free IT Training Products
          Personal Websites: HappyRouter.com & VMwareVideos.com

          Comment


          • #6
            Re: Routing all traffic across point to point link.

            David,


            Yes, that's exactly correct. Thank you for posting it.


            Two Internet connections, one at site A and one at site B, two absolutely separate locations. I think static routing between the sites will work just fine for the point to point connection, but what I am looking to do is force all Web traffic out each of those T1 connections through the Pix/Internet routers, not over the WAN ever.


            Thanks so much!


            Phil

            Comment


            • #7
              Re: Routing all traffic across point to point link.

              Hi philsky,

              Okay, so this is a task for routing. The NAT is done on the PIX.

              So say that you config a static route on the PIX to point to the private network (I assume) on the other side of the private T1. Let's say network 10.1.1.0 can reach network 10.1.2.0 over the point to point private t1.

              Then, you have a default route on each PIX that points to the Internet connection.

              In that case, all traffic would go to its respective network. As long as you weren't using dynamic routing, which could allow the Internet traffic across the private T1 if one side of the Internet connection went down, then the Internet traffic would go to the Internet and the private network traffic would go to the private network.

              Now, what would happen with that is http and https traffic that had a destination on the other side of the private network would still go over the point to point private t1 but I would think that you would want that as that traffic is going to an internal web server and I'm not sure why you would want to force it to be NAt'ted, ride the Internet, and be NAT'ted again to be delivered to the private network.

              Are you okay with what I described above, using the static routing?



              Thanks,
              David
              David Davis - Petri Forums Moderator & Video Training Author
              Train Signal - The Global Leader in IT Video Training
              TrainSignalTraining.com - Free IT Training Products
              Personal Websites: HappyRouter.com & VMwareVideos.com

              Comment


              • #8
                Re: Routing all traffic across point to point link.

                Makes complete sense, David, thank you.


                I guess my question does that port 80 traffic need to be forced out the Pix Interface as perhaps congestion was being caused if it would try to go over the point to point? That's obviously not the case, I didn't know it would go out the respective network as long as there's a static route to the Pix and not dynamic. That's great to know, thank you very much!! I'll definitely be posting on here more often, to help others as well.


                Now I just have to make sure thier not doing dynamic routing!




                Phil
                Last edited by philsky; 31st May 2007, 17:08. Reason: Added sentence.

                Comment


                • #9
                  Re: Routing all traffic across point to point link.

                  HI philsky,

                  Glad to help!

                  Yes, I would always welcome your input on questions! We all have something to contribute as there is no one that knows everything about everything. I would appreciate your contributions to the forums.

                  Thank you,
                  David Davis - Petri Forums Moderator & Video Training Author
                  Train Signal - The Global Leader in IT Video Training
                  TrainSignalTraining.com - Free IT Training Products
                  Personal Websites: HappyRouter.com & VMwareVideos.com

                  Comment

                  Working...
                  X