Cisco :: Network with two ISPs

July 15, 2009 at 04:48:38
Specs: Windows XP
Hi there,

Guys, I really need your help.

Actually I have a Cisco 2800 series router that has two fastethernet interfaces; one of them is defined as the internal network and the other one as external. In our network there are almost 15 subnets, and we have two external links.
I want to route some selected VLANs to the first external link, and the rest of them should go through the second external link.

For example:
(the above VLANs should be routed to router A which is my first ISP)
(the above VLANs should be routed to router B which is my second ISP)

All VLANs are connected to fastethernet 0/0, and both ISPs will be connected to fastethernet 0/1.

My internal network has no issues; on the external interface (fastethernet 0/1) I have defined networks for both ISPs (because I have a static pool of IPs).

Now my main question is how can I configure my Cisco router to route traffic on the basis of source subnets.

The ip route command is used to route traffic on a destination basis. I am getting extremely confused by this.

Please help me out!


July 15, 2009 at 08:11:05
Those are subnets, not VLANs. VLANs are in the form vlan1, vlan2 or descriptive like marketing vlan or sales vlan.

You create subinterfaces for each subnet on the interface desired.


July 15, 2009 at 08:19:02
All VLANs are connected to fastethernet 0/0, and both ISPs will be connected to fastethernet 0/1

So what you're saying is:

fa0/0 = internal interface
fa0/1 = external interface

I'm not sure if you can actually connect two separate external connections to one interface of a router without using a switch. How had you planned on doing that exactly?

To my way of thinking, each external interface would be connected to a separate interface on the router (ie: fa0/1 = external 1 and fa0/2 = external 2)

Now my main question is how can I configure my Cisco router to route traffic on the basis of source subnets.

I'm no authority on Cisco routers as we use teamed redundant OpenBSD servers for our firewalls here where I work. I do have a couple 2600's and one 2800 kicking around but I really haven't had time to play with them.

Drawing from my own experience though, I would do something as follows (going with my "1 interface per external connection" theory)

fa0/1 = external 1
IP =

fa0/2 - external 2
IP =

Then your IP configuration for subnets 0-6 would have the default gateway IP of (external 1) and for subnets 7-15 would have default gateway (external 2)

You would only need to route between subnets.....the default gateway used in each subnet would be what you use to control which interface the external traffic for that subnet would flow through.


July 15, 2009 at 10:05:37
Well in order for all 15 subnets to communicate with each other you will need 15 routers. So it's getting all confusing when you mix VLANs with subnets.
So let's answer these questions:
1) What is your local IP addressing scheme?
2) Do you use static IP addresses on your PCs?
3) How did you manage to connect both ISPs to fast Ethernet 0/1?

let me get you :)
VLANs are logical interfaces which can be configured on Cisco switches, not routers

The 172.30.*.* is a class B network, with default subnet mask of and since you have subnet mask of /24 giving you 256 subnets to use (with 254 hosts per subnet).

Since each subnet has to have a device which connects them - I wonder how did you implement this?
or there is no communication between subnets?

Regarding your main question - how to connect different IPs to different ISPs. Well,
1st solution will be to use different logical (and physical) interfaces on the router - and assign all PCs to different default gateways.
Example -
fa0/1 ip add = = ISP1 settings
fa0/2 ip add = = ISP2
after you add your ISP settings on the router

on the PCs you will assign the default gateway of the preferred ISP

2nd thought is to use NAP or NAT (since you have ISP static ip pool)

but still - what is your ISP - how do you connect to internet atm? ADSL? leased line? what are you trying to achieve? :)

3rd I’d maybe consider to use Clark Connect to do multi-wan

Bers Power


July 15, 2009 at 12:16:17
Well in order for all 15 subnets to communicate with each other you will need 15 routers.


Maybe I'm wrong here (wouldn't be the first) but it seems to me you'd need a route between each subnet that you wanted to communicate, not a separate router.

Where I work we have in use right now something like 40 subnets. Of those at least 15 are "client" subnets, and all subnets are VLAN tagged.

We route all the client subnets (approx 15) inside our dual redundant core switches. All other subnets (Server, DMZ, etc) are routed by our routers. Allowing for them being teamed (I'll count the teamed pairs as 1) we have 9 routers handling the other 25+ subnets. The reason we have so many is how our security is layered. I'm assured by our security guy (who's actually in charge of the routers) that he could do all routing on a single router if need be. In fact, prior to deploying our new layered security scheme about 2 years ago, it all ran through one router.


July 15, 2009 at 12:28:06
That statement also struck me as odd coming from a CCNP.


July 15, 2009 at 13:24:55
curt you are correct :) in that part -> Of those at least 15 are "client" subnets, and all subnets are !VLAN tagged!.

You can connect different VLANs through trunking, but that will require a Cisco router and a Cisco switch with configured VLANs and subinterfaces. As there is much confusion in terms of what the actual layout is, I assume that he doesn't have VLANs yet.

>> Well in order for all 15 subnets to communicate with each other you will need 15 routers.
Well, because subnets are designed to separate one network from another, and the only way they will be able to communicate is through the router interface, where the router interface has to be in the same network as the rest of the PCs.
i.e -
subnet 1 network
pc ip // - router fa0/1 ip add
subnet 2 network
pc ip // router fa0/1.1 ip add

then by default without routing it won't work - but then again :) if you add routing, then it's kinda useless in the 1st place to do subnets.

so again to the original question - routing selected subnets to a particular ISP, only 2 things come to mind - static routes and NAT/PAT


July 15, 2009 at 23:33:12

I didn’t talk about my internal network, that’s why I mentioned that I have no issues in internal network.

Let me clear up the scenario..

These subnets are basically different VLANs, like is VLAN1, is VLANs and so on. I have 3COM switches in my network to deal with all VLAN infrastructure. Then the core switch is connected to my ISA firewall and then it is connected to Cisco router. Since I have two external links and have some prioritized VLANs, so I must have to Route Policy in ISA.

Now it's like when traffic is coming from VLAN1 on to the firewall, it just analyzes the packets and forwards them to Cisco without NAT that means will arrive at internal interface of the Cisco router. Now here I want the Cisco router to see the source and route the packets on the basis of source subnet.


July 16, 2009 at 04:26:46
About your external network:
ISPs - are they from the same company?
How are they physically connected?
Do you have logical subinterfaces on fa0/1?
Are you trying to load balance your internet connection or just make 2 separate connections?

You can do it 2 ways - via static routes or by policy routing
(example here - --- scroll to bottom, look for Policy Routing Example)
just need to find out what will work on ur setup.


July 16, 2009 at 05:21:31
Yes indeed! I have different ISPs, having different IP addressing.
Policy based routing can be an option for this scenario but I am wondering about two problems in this solution.

1. Two networks on the same interface will work together or primary will be working and secondary would be used as a redundant path?

2. Will policy based routing work with NAT? (in my case, I am using NAT on the same router)

These are the biggest question marks coming to my mind when I look at policy based routing...


July 17, 2009 at 04:40:58
1. You can either put a second logical interface on fa0/1.1, but then you will need to change encapsulation (which may not work with the ISP), or put primary and secondary. Although I have never seen good examples of plugging 2 ISPs into the same interface :)

2. It works on Packet Tracer with a config similar to yours,
but I suggest you play around with it on Cisco Packet Tracer (or similar sims) with ur setup and see what kind of problems it may have, as well as additional configuration you require.
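
The policy-routing-with-NAT setup discussed in the last few posts, sketched as an IOS configuration. This is an added example, not a configuration posted by anyone in the thread: every address, ACL number, pool and route-map name, and the choice of which subnets use which ISP, is constructed (192.0.2.0/29 and 198.51.100.0/29 stand in for the two ISPs' static pools), and it assumes both ISPs reach fa0/1 through a switch, with the second ISP on a secondary address.

```cisco
! Constructed example: all addresses, names and ACL numbers are placeholders.
! Subnets 172.30.1.0/24 and 172.30.2.0/24 leave via ISP A; the rest via ISP B.
!
! Sources that must use ISP A
access-list 101 permit ip 172.30.1.0 0.0.0.255 any
access-list 101 permit ip 172.30.2.0 0.0.0.255 any
! Every other internal source (ISP A subnets denied so the NAT rules never overlap)
access-list 102 deny   ip 172.30.1.0 0.0.0.255 any
access-list 102 deny   ip 172.30.2.0 0.0.0.255 any
access-list 102 permit ip 172.30.0.0 0.0.255.255 any
!
! Policy routing: packets matching ACL 101 are forwarded to ISP A's gateway.
! Packets that match no route-map entry fall through to the routing table.
route-map BY-SOURCE permit 10
 match ip address 101
 set ip next-hop 192.0.2.1
!
interface FastEthernet0/0
 description Inside, towards the firewall (constructed transit subnet)
 ip address 172.30.254.1 255.255.255.0
 ip nat inside
 ip policy route-map BY-SOURCE
!
interface FastEthernet0/1
 description Outside, both ISPs reached through a switch
 ip address 198.51.100.2 255.255.255.248
 ip address 192.0.2.2 255.255.255.248 secondary
 ip nat outside
!
! Destination-based default for everything not policy-routed: ISP B
ip route 0.0.0.0 0.0.0.0 198.51.100.1
! Return path to the internal subnets via the firewall
ip route 172.30.0.0 255.255.0.0 172.30.254.2
!
! NAT must translate to the pool of the ISP the packet actually leaves through.
! A packet sent to ISP B with an ISP A source address is typically dropped by
! that ISP's source-address filtering, so the NAT ACLs mirror the routing split.
ip nat pool ISP-A 192.0.2.3 192.0.2.6 netmask 255.255.255.248
ip nat pool ISP-B 198.51.100.3 198.51.100.6 netmask 255.255.255.248
ip nat inside source list 101 pool ISP-A overload
ip nat inside source list 102 pool ISP-B overload
```

`show route-map BY-SOURCE` reports how many packets were policy-routed, and `show ip nat translations` shows which pool address each flow was translated to. Because both gateways sit behind one switched interface, the router does not see an ISP link go down on its own, so this sketch gives traffic separation, not failover.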
