Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
Split Traffic on a Router

Split Traffic on a Router

24 0 0 0 0
View the author 1#

Hello to all,


I have been trying to apply the configuration to split the traffic by two different ISP's but I have made some mistakes that I am not able to see.


Basically I want to split vlan 2 traffic of the others.


Here is the configuration of the AR2200 Router.


<Router_ElPalau>dis current-configuration

[V200R009C00SPC500]

#

 sysname Router_ElPalau

#

 drop illegal-mac alarm

#

 clock timezone gmt add 01:00:00

 clock daylight-saving-time gmt repeating 2:0 last Sunday March 3:0 last Sunday October 01:00 2000 2037

#

vlan batch 2 to 4

#

authentication-profile name default_authen_profile

authentication-profile name dot1x_authen_profile

authentication-profile name mac_authen_profile

authentication-profile name portal_authen_profile

authentication-profile name dot1xmac_authen_profile

authentication-profile name multi_authen_profile

#

dns resolve

dns server 8.8.8.8

#

dhcp enable

#

dhcp server database enable

dhcp server database recover

#

 ecc peer-public-key 192.168.4.2 encoding-type der

  public-key-code begin

    0401C076 1B518194 D82E6B20 45DF3D7E 3034812A 7AF6A572 4A75145B 5EC63902

    198BA23E FB0110BF 5F3F6556 C4C0AA47 7296DE36 B55E19A7 7E36569E B58C1A7F

    C46E2B01 445B3708 DF599041 7398A0E0 478ADC0C 46B0EEAA 165C490C 096D0FD9

    73D123D2 585D8D2C 12BC8486 959C89F8 BFCAF8DA 79CA9F47 93E6DF38 93D6B6B2

    706B0D9C 81

  public-key-code end

 peer-public-key end

#

radius-server template default

#

pki realm default

#

ssl policy default_policy type server

 pki-realm default

 version tls1.0 tls1.1

 ciphersuite rsa_aes_128_cbc_sha

#

acl number 3001

 description NAT Outside

 rule 2 permit ip source 192.168.110.0 0.0.0.255

 rule 4 permit ip source 192.168.4.0 0.0.0.255

 rule 5 permit ip source 192.169.1.0 0.0.0.255

acl number 3002

 rule 2 permit ip source 192.168.111.0 0.0.0.255

 rule 4 permit ip source 192.168.4.0 0.0.0.255

 rule 5 permit ip source 192.169.1.0 0.0.0.255

acl number 3003

 description Orange Outside

 rule 1 permit ip source 172.16.0.0 0.0.7.255

#

ike proposal default

 encryption-algorithm aes-256

 dh group14

 authentication-algorithm sha2-256

 authentication-method pre-share

 integrity-algorithm hmac-sha2-256

 prf hmac-sha2-256

#

traffic classifier c1 operator or

 if-match acl 3003

#

traffic behavior b1

#

traffic policy p1

 classifier c1 behavior b1 precedence 5

#

free-rule-template name default_free_rule

#

portal-access-profile name portal_access_profile

#

ip pool Alumnes16

 gateway-list 172.16.0.1

 network 172.16.0.0 mask 255.255.248.0

 excluded-ip-address 172.16.0.2 172.16.0.40

 lease day 0 hour 2 minute 0

 dns-list 213.176.161.16 213.176.161.18

#

ip pool Gestio4

 gateway-list 192.168.4.1

 network 192.168.4.0 mask 255.255.255.0

 excluded-ip-address 192.168.4.10 192.168.4.40

 lease day 0 hour 4 minute 0

 dns-list 213.176.161.16 213.176.161.18

#

ip pool Profes10

 gateway-list 192.168.110.1

 network 192.168.110.0 mask 255.255.255.0

 excluded-ip-address 192.168.110.2 192.168.110.10

 lease day 0 hour 2 minute 0

 dns-list 213.176.161.16 213.176.161.18

#

aaa

 authentication-scheme default

 authentication-scheme radius

  authentication-mode radius

 authorization-scheme default

 accounting-scheme default

 domain default

  authentication-scheme default

 domain default_admin

  authentication-scheme default

 undo local-user admin

 local-user airfi password irreversible-cipher $1a$Rg8cXB5&S/$@YIz)nGRL+J"m,E<hD)1/3qVOwhWN=p_A~4P(U!U$

 local-user airfi privilege level 15

 local-user airfi service-type terminal ssh http

#

firewall zone OUTSIDE

 priority 10

#

firewall zone DMZ

 priority 15

#

firewall zone INSIDE

 priority 20

#

firewall zone Local

#

firewall interzone INSIDE OUTSIDE

 firewall enable

#

firewall interzone INSIDE DMZ

 firewall enable

#

interface GigabitEthernet0/0/0

 shutdown

#

interface GigabitEthernet0/0/1

 shutdown

#

interface GigabitEthernet0/0/2

 shutdown

#

interface GigabitEthernet0/0/3

 shutdown

#

interface GigabitEthernet0/0/4

 ip address 192.169.1.1 255.255.255.0

#

interface GigabitEthernet0/0/5

 description Interface Orange Outside

 ip address 192.168.1.2 255.255.255.0

 nat outbound 3003

#

interface GigabitEthernet0/0/6

 shutdown

#

interface GigabitEthernet0/0/7

 description Interface Outside Provisional

 ip address 192.168.0.5 255.255.255.0

 nat outbound 3001

 zone OUTSIDE

#

interface GigabitEthernet0/0/8

 description Interface Inside

#

interface GigabitEthernet0/0/8.2

 dot1q termination vid 2

 ip address 172.16.0.1 255.255.248.0

 zone DMZ

 traffic-policy p1 inbound

 dhcp select global

#

interface GigabitEthernet0/0/8.3

 dot1q termination vid 3

 ip address 192.168.110.1 255.255.255.0

 zone INSIDE

 dhcp select global

#

interface GigabitEthernet0/0/8.4

 dot1q termination vid 4

 ip address 192.168.4.1 255.255.255.0

 zone INSIDE

 dhcp select global

#

interface GigabitEthernet0/0/9

 description Interface Outside

 ip address 172.16.10.7 255.255.252.0

 nat outbound 3001

 zone OUTSIDE

#

interface GigabitEthernet0/0/10

 description VirtualPort

#

interface Cellular0/0/0

#

interface NULL0

#

 snmp-agent local-engineid 800007DB037CC385632530

#

 ssh client 192.168.4.2 assign ecc-key 192.168.4.2

 ssh client first-time enable

 stelnet server enable

#

 http secure-server ssl-policy default_policy

 http server enable

 http secure-server enable

 http server permit interface GigabitEthernet0/0/4

#

ip route-static 0.0.0.0 0.0.0.0 172.16.10.1

ip route-static 0.0.0.0 0.0.0.0 192.168.0.1

#

fib regularly-refresh disable

#

nqa test-instance admin KNOW_IP

 test-type udp

 destination-address ipv4 79.137.44.122

 destination-port 7777

 frequency 30

 start now

#

user-interface con 0

 authentication-mode aaa

user-interface vty 0 4

 authentication-mode aaa

 user privilege level 15

 protocol inbound ssh

#

wlan ac

 traffic-profile name default

 security-profile name default

 security-profile name default-wds

  security wpa2 psk pass-phrase %^%#@jbr!^3$qFsgv=P]ohHP)_L30}mAxKqAQSR;bs>)%^%# aes

 ssid-profile name default

 vap-profile name default

 wds-profile name default

 regulatory-domain-profile name default

 air-scan-profile name default

 rrm-profile name default

 radio-2g-profile name default

 radio-5g-profile name default

 wids-spoof-profile name default

 wids-profile name default

 ap-system-profile name default

 port-link-profile name default

 wired-port-profile name default

 ap-group name default

#

dot1x-access-profile name dot1x_access_profile

#

mac-access-profile name mac_access_profile

#

ops

#

autostart

#

secelog

#

return


Thank you very much for your help.


routerisppbracltraffic

Like (0) Dislike (0) Favorite(0) Share Report
Previous: [Trouble shooting]VRRP master/backup status is abnormal
Next: What is the difference between 0.0.0.0 and 127.0.0.1
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.