static route, machine specific

[xyon]

Our network has varioud internal networks at remote locations. The remote sites utilize Cisco 1700 series routers. The host router is a 2600. All addresses go through the host which redirects them through a win2k filter server then through a linux firewall out to the internet. There IS a route that can skip the win2k server and go straight to the Linux firewall out to the internet. I'm thinking this will increase some performance and reduce some stress on the win2k server if I take users that don't need to be filtered out of that route and send them directly to the linux firewall.

Now my question is, what do I need to enter in the config in the host (2600) to enable only specific addresse(s) to follow the route to the Linux firewall instead of to the Win2k Filter Server? I tried 'ip route <my addy> <my subnet> <linux firewall>' but seemed to lose all access to the network even though my default gw was the local router.

 

[hexn]

You need to do what is called policy routing. Do a search for policy routing on cisco.com Policy routing lets you route based on source IP instead of destination IP.

 

[baddos]

You could setup an IGP like OSPF, EIGRP, RIP, etc to carry the routes of all your 1700's and the 2600. Then on the 1700's but the default gateway to be that of the w2k server. For the special users that are going to go to the linux fw, put the default route to be that of the firewall.

Having your IGP running will enable you to have your default route be an IP of a router that isn't necessarily directly connected.