[IT Networking] 2 Default Gateways, 1 Router

Calx

Anyone know if you can configure two different default gateways using one router? (Router is a Cisco ASA-5505)

Basically company wants to use 2 different connections, fast one for important people and slow one (ATT Uverse) for unimportant people... I drew a shitty network map in paint for reference. Tommy gets bad internet, CEO gets fast internet (go figure). This is how they want it... Cisco support just told me it can't be done, but this Indian chick was really hard to understand...

Also, AT&T tech said the IP address on their router (192.168.1.254) couldn't be changed, so it's not on our subnet...

Be gentle on me, I am IT newb

I would post a boob sacrifice to please the TW gods but I'm at work :|
 
i have a dual-WAN setup at one of my locations, but it either does load-balancing or failover (currently set to failover)

i don't see why you couldn't use multiple DHCP scopes (using a real DHCP server, not the built-in junk on a router) to point certain MACs at one gateway and others at another, but i haven't invested any thought or energy into it. maybe you can't.
 
good luck with this, not even gonna touch it

Just posted here to see if anyone could help, on the phone with support anyway. I saw some requests for CCIEs get good answers here so figured it'd be worth a shot :shrug:

i have a dual-WAN setup at one of my locations, but it either does load-balancing or failover (currently set to failover)

i don't see why you couldn't use multiple DHCP scopes to point certain IPs at one gateway and others at another, but i haven't invested any thought or energy into it. maybe you can't.

ya the cisco tech said given our network map and device only load balancing & failover were possible .. multiple DHCP scopes is a good idea, i'll look into that (ty)
 
A more appropriate approach would be to separate the hosts onto different vlans and ... use routes.

You are going to want to limit your broadcast domain. Using a couple of different DHCP scopes on the same layer 2 segment isn't going to achieve any type of robust QoS.
 
I think they want to switch back and forth between the two internet connections (nfi why) by just changing the default gateway. Will that be possible in different VLANs?

I agree with your approach... but I have no clue why they want to be able to go back and forth.
 
That isn't a requirement you mentioned before, so no, but it would be possible with a dual homed machine. It would seem silly to me that people are going to want to "switch back and forth" though.

I would challenge your employer with more questions to determine what problem they are actually trying to solve, and develop your requirements from there.

Reserving bandwidth that goes unused, while a primary pipe stays saturated, is a waste of money to a company.

They would be better off by utilizing blended bandwidth between those two providers, and use QoS technologies to prioritize traffic for specific IPs.

I'm not sure how hardened they'd want this setup from a security perspective, but unless you limit your broadcast domains, it will be easy for someone on slow net to hop on fast net.
 
The way we do it is using either different VLANs or a combination of LAN/WAN.

Hot swapping between them? Possible with LAN/WAN (hook up when you want to be fast, using AD credentials or etc., and WAN if you want crappy, no credentials required).

Other than that, no idea. :psyduck:
 
There are devices that will let you do what you want, but I don't see where you can do that with what you have.
 
That is an idiotic waste of network resources.
 
I'm in the "this is stupid" truck. It is possible but I see no reason you would do it other than to make certain execs feel more important than the people who aren't good enough for the "good" internet.
 
Sadly that's the way it works with my company as well. Execs want something IT related done that isn't possible/over-complicated/unneeded/etc.? Do it anyway, they know best after all. :rolleyes:
 
Yeah, you guys are right. Thanks for the feedback. After asking more questions to the executive it sounds like what they really want is to use TOR... gonna try to pitch it to them later. Don't think my boss is telling me/knows the full reasons why they want this to work but it doesn't seem ideal..

Small biz IT is great, ty all for help (first month in IT, sysadmin)
 