ADTRAN Internet-Based WAN Backup manual Inbound on dial only allows sessions from Central

Page 5

Internet-based WAN Backup Solutions using NetVanta

The Internet as an Alternative

 

 

ip address 10.254.255.26 255.255.255.252 access-policy FR

dial-backup number 2222 digital-64k 1 1 ppp 2

!link interface ppp 2/ISDN for dial backup in case this VC is lost

interface ppp 2

description Dial Backup Interface to ISP with Firewall, VPN to CENTRAL Gateway ip address negotiated

access-policy DIAL crypto map HOSTviaDIAL

ppp authentication chap

username ISP_Dial_Srv password a

pppchap hostname ISP_Customer_Dial ppp chap password a

no shutdown

!

ip access-list extended REMOTE_to_CENTRAL remark permits local lan subnet to central subnet permit ip 10.1.1.240 0.0.0.15 172.31.4.0 0.0.0.255

!

!each interface has its own policy class to allow for

!discrete destination policy control if needed

!

 

ip policy-class DIAL

! inbound on dial only allows sessions from CENTRAL

allow reverse list REMOTE_to_CENTRAL

 

!

 

ip policy-class FR

! inbound on FR allows any session from CENTRAL

allow reverse list REMOTE_to_CENTRAL

 

!

 

ip policy-class LOCALLAN

! outbound on LAN allows any session to CENTRAL

allow list REMOTE_to_CENTRAL

 

!

 

!

 

ip route 0.0.0.0 0.0.0.0 fr 1.1

! static to primary.

ip route 0.0.0.0 0.0.0.0 ppp 2 3

! floating static to the dial backup link should the

!

! fr iface go down.

 

end

 

61200890L1-29.4A

Copyright © 2005 ADTRAN, Inc.

5

Image 5
Contents Configuration Guide Introduction 61200890L1-29.4A Copyright 2005 ADTRAN, Inc Copyright 2005 ADTRAN, Inc Inbound on dial only allows sessions from Central Copyright 2005 ADTRAN, Inc 61200890L1-29.4A Copyright 2005 ADTRAN, Inc Inbound on PoE allows any session from Central 61200890L1-29.4A Copyright 2005 ADTRAN, Inc Ip firewall fast-nat-failover 61200890L1-29.4A Copyright 2005 ADTRAN, Inc Primary default route