[c-nsp] Is this config even possible?
Bruce Pinsky
bep at whack.org
Sat May 12 13:34:54 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tuc at T-B-O-H.NET wrote:
> Hi,
>
> I currently have a 3640 and need to put it into a very odd
> configuration
>
> E0/0 - Needs to be connected to a Satellite modem. This interface
> has to do DHCP to the modem to get its ip, otherwise the Satellite modem
> gets cranky. Because this is a *VERY* restrictive link (No inbound connections
> allowed at all, other limitations...) I've set up an IPSEC Tunnel to a
> router elsewhere, and then running GRE under it. (THAT was a nitemare because
> my endpoint is a private IP). I can go out this interface however I want
> since it NATs it.
>
> E0/1 - Needs to be connected to a Cisco 2924 switch (Fairly easy I think).
>
> E1/0 - Needs to be connected to a Wireless antenna. I've been given a fixed
> PRIVATE IP for this interface, and its behind a Cisco 2851 doing NAT, so
> all the typical "Behind NAT" rules apply. Since I'm behind the 2851/NAT
> I'd like to get a tunnel running back to the "router elsehwere" mentioned
> above. Anything going out this interface HAS to go out with the IP assigned
> to this interface
>
> E1/1 - Connected to another Cisco 2924 switch (Fairly easy again I think)
>
> My network inside is connected to the E0/1 connected 2924, and has its own
> private IP space. The one connected to E1/1 is a warm standby (Everything
> would have to be re-plugged)
>
> After resolving all that.... Is the following possible...
>
> I want a floating "default route". The order would be :
>
> Over the E1/0 tunnel
> If unavailable, then over E1/0
> If unavailable, then over E0/0 tunnel
> If unavailable, then over E0/0
> If unavailable.....Cry...
>
>
> OR, am I going about this the entirely wrong way?
>
If you aren't running a dynamic routing protocol on the interfaces, you may
get stuck in the situation where the interface is up but there is not
reachability over the interface (a common problem with ethernet interconnect).
Depending on the version you are running, I would suggest looking at
Reliable Static Routing Backup
http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/products_feature_guide09186a00801d862d.html
- --
=========
bep
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGRfq+E1XcgMgrtyYRAn/XAKCuUiYlBzc5mnr0llxrKYEjVJT+CgCeJBZB
5nE4Twq90gFIJh7MNjrqYaw=
=Hhqq
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list