2 WAN CONNECTION USING HSA-500 WITH DINAMIC ROUTING

show runKANTOR-A# show running-config
!
hostname KANTOR-A
!
interface tap1
enable
ip ospf priority 0
!
ip route 10.10.1.0/24 nexthop 172.22.1.254
ip route 10.55.0.0/16 nexthop 10.55.91.97
ip route 192.168.1.1/32 nexthop 3g-lte1
ip route 192.168.1.1/32 nexthop 3g-lte0

!
security sslvpn-client 1
tap ospf priority 0
start
!
firewall-set 01 mark 1443 output tcp dport 1443 remark “tunnel1 traffic”
firewall-set 02 mark 3443 output tcp dport 3443 remark “tunnel2 traffic”
firewall-set 03 mark 4443 output tcp dport 4443 remark “tunnel3 traffic”
!
ip access-list 20 permit 10.10.150.0 255.255.255.0
ip access-list 30 permit 0.0.0.0 0.0.0.0
ip access-list 30 permit 172.22.1.0 255.255.255.0
!
route-map LAN permit 10
match ip address 30
!
route-map tunnel permit 20
match ip address 20
!
ip pbr policy 1443 fwmark 1443
ip pbr policy 3443 fwmark 3443
ip pbr policy 4443 fwmark 4443
!
ip pbr route 1443 182.253.192.85/32 nexthop interface 3g-lte0 remark “route tunnel2 via LTE0”
ip pbr route 4443 182.253.192.85/32 nexthop interface 3g-lte1 remark “route tunnel2 via LTE1”
!
router ospf
network 14.14.0.0/16 area 0
network 172.22.1.0/24 area 0
redistribute connected route-map tunnel
!
router bgp 64150
bgp timer 20 20
bgp router-id 172.22.1.150
neighbor 172.22.1.150 activate
neighbor 172.22.1.254 as-remote 64515
neighbor 172.22.1.254 soft-reconfiguration
neighbor 172.22.1.254 update-source eth0
network 10.10.150.0/24
redistribute connected route-map tunnel

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: