Wow, one person replied, thanks Kenny.
However, I cannot do BGP, as indicated in the e-mail.
I realize that this is the optimum solution, but
cannot do this.
So my solution is as follows (yet to be tested):
PAT everything out of the PIX to a PacBell public IP,
except for the public servers, which will have a
conduit mapping them to an IP in the government ISP
range. The all 0's route in the PIX points to the
PacBell router. Then put a route-map on the PacBell
router so that all traffic with a source address of
the government's IP range has a next hop of the
Government router. It would then have a default route
out to the Internet.
Therefore all of the public servers would traverse and
return via the T1 and all Internet surfing would
traverse and returen via the DS-3.
Hoping this works.
Brian
BTW, I had already checked out the link. It looks
good, but every solution still requires BGP. Thanks
anyway.
--- "Kenny@Netzero" <[EMAIL PROTECTED]> wrote:
> Ask PACBell for a /24 and coordinate with the govt
> ISP to route it and do
> BGP. There's also a very intersting article on
> Cisco somewhere about using
> NAT in this situation. Check this out:
>
http://www.cisco.com/warp/public/cc/pd/iosw/ioft/ionetn/tech/emios_wp.htm
> I've never implemented it but would love to. Good
> luck,
>
> Kenny
>
>
> "Brian Wilcox" <[EMAIL PROTECTED]> wrote in
> message
>
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I am currently adding another circuit to an
> additional
> > ISP for my network. I want to be able to use the
> > first circuit for a redundant backup but am not
> clear
> > on how to accomplish this.
> >
> > The setup:
> > (diagram located at
> >
>
http://www.geocities.com/bwilcox_email/Routing_Design.html)
> > - watch word wrap
> > Internal LAN connected to two PIX's, one in
> failover
> > mode. The PIX's current default route points to
> the
> > old ISP (government). All of our internal
> (public)
> > addresses are from the Government ISP's address
> space,
> > which we have a /25 block. I'm currently NATing
> my 10
> > net to this pool. I have an internal web server
> that
> > the users need access to from outside the network.
> > I'm adding the new circuit via PacBell and would
> like
> > traffic to take that route and failover to the
> > Government ISP.
> >
> > First solution: do BGP. Well, I can't. I only
> have a
> > /25, too specific, from the Government ISP and I
> have
> > to maintain the same address space. So my next
> > thought would be to PAT everything out the PacBell
> > circuit. That's fine and dandy but then the web
> > server will reply to the source with a different
> > address. I'd like to route the web server to the
> > Government ISP. The only way I can think of doing
> > that is via some sort of route map or policy map.
> >
> > Any comments would be greatly appreciated.
> >
> > Thanks, Brian
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! Photos - Share your holiday photos online!
> > http://photos.yahoo.com/
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
> >
>
>
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
