Hi,
I have a 1721 with an adsl interface, a 128k serial interface and a fast ethernet interface. I would like to split my outbound traffic in the following way:
1) smtp and pop3 route to the serial interface
2) all other traffic to the adsl interface.
I have tried to use route-maps with acls, but this does not seem to work - please see this config - why does it not work, if I apply it, all outgoing traffic goes down the serial line???
!
version 12.2
service nagle
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname ??????
!
enable secret
enable password
!
ip subnet-zero
!
!
ip domain name iafrica.net
ip name-server 196.7.142.132
ip name-server 196.7.0.138
ip name-server 196.7.142.13
!
ip cef
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
!
!
!
!
!
!
interface ATM0
no ip address
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
no fair-queue
!
interface ATM0.1 point-to-point
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
ip address x.x.x.x x.x.x.x
ip nat inside
ip tcp adjust-mss 1452
ip policy route-map redirect
no ip mroute-cache
speed auto
!
interface Serial0
description 128Kbps Link
bandwidth 128
ip address x.x.x.x x.x.x.x
encapsulation ppp
no ip mroute-cache
no fair-queue
down-when-looped
!
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
encapsulation ppp
dialer pool 1
ppp chap hostname xxxx
ppp chap password xxxxx
ppp pap sent-username xxxxx password xxxxx
!
ip nat inside source list 1 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.0.0.0 255.0.0.0 Null0
ip route 12.168.0.0 255.255.0.0 Null0
ip route 172.16.0.0 255.240.0.0 Null0
ip route 192.168.0.0 255.255.255.0 Null0
ip route x.x.x.x x.x.x.x Null0 254
no ip http server
!
!
access-list 1 permit [fastethernet ip address]
access-list 101 permit tcp any any eq smtp
access-list 101 permit tcp any any eq pop3
access-list 102 permit ip any any
!
route-map redirect permit 10
match ip address 101
set interface Serial0
!
route-map redirect permit 20
match ip address 102
set interface Dialer1
!
!
line con 0
speed 115200
line aux 0
line vty 0 4
password
login
!
no scheduler allocate
end
Any suggestions would be great, I am pulling my hair out!
I have a 1721 with an adsl interface, a 128k serial interface and a fast ethernet interface. I would like to split my outbound traffic in the following way:
1) smtp and pop3 route to the serial interface
2) all other traffic to the adsl interface.
I have tried to use route-maps with acls, but this does not seem to work - please see this config - why does it not work, if I apply it, all outgoing traffic goes down the serial line???
!
version 12.2
service nagle
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname ??????
!
enable secret
enable password
!
ip subnet-zero
!
!
ip domain name iafrica.net
ip name-server 196.7.142.132
ip name-server 196.7.0.138
ip name-server 196.7.142.13
!
ip cef
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
!
!
!
!
!
!
interface ATM0
no ip address
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
no fair-queue
!
interface ATM0.1 point-to-point
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
ip address x.x.x.x x.x.x.x
ip nat inside
ip tcp adjust-mss 1452
ip policy route-map redirect
no ip mroute-cache
speed auto
!
interface Serial0
description 128Kbps Link
bandwidth 128
ip address x.x.x.x x.x.x.x
encapsulation ppp
no ip mroute-cache
no fair-queue
down-when-looped
!
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
encapsulation ppp
dialer pool 1
ppp chap hostname xxxx
ppp chap password xxxxx
ppp pap sent-username xxxxx password xxxxx
!
ip nat inside source list 1 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.0.0.0 255.0.0.0 Null0
ip route 12.168.0.0 255.255.0.0 Null0
ip route 172.16.0.0 255.240.0.0 Null0
ip route 192.168.0.0 255.255.255.0 Null0
ip route x.x.x.x x.x.x.x Null0 254
no ip http server
!
!
access-list 1 permit [fastethernet ip address]
access-list 101 permit tcp any any eq smtp
access-list 101 permit tcp any any eq pop3
access-list 102 permit ip any any
!
route-map redirect permit 10
match ip address 101
set interface Serial0
!
route-map redirect permit 20
match ip address 102
set interface Dialer1
!
!
line con 0
speed 115200
line aux 0
line vty 0 4
password
login
!
no scheduler allocate
end
Any suggestions would be great, I am pulling my hair out!