Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
215
Views
0
Helpful
1
Replies

Internet Redundancy

david.lowe
Level 1
Level 1

‎10-01-2007 08:41 AM - edited ‎03-09-2019 06:55 PM

I have two campuses, each with their own 100Mbps Internet connection, that I would like to configure for Internet redundancy.

My current setup consist of a split class C address block where we route addresses 192.231.40.1 - .128 to campus A and addresses 192.231.40.129-.254 to campus B.

I am wanting to do an active/active type configuration so that both connections can be equally utilized during normal operating conditions, so that failover is in place during an outage at one campus. Do note that I am using the same ISP for both connections. I am thinking that I'll need (2) ASA5520's to do this. What I'm a little uncertain of is how I need to configure the equipment behind the firewall to support this type of configuation.

Do note that I am open to any other suggestions in regards to my redundant Internet solution. Any ideas would be great.

Thanks

Labels:
0 Helpful
1 Reply 1

Not applicable

‎10-17-2007 03:34 PM

You can use the two ASAs to firewall your internet connections. Then configure them to inject default routes into OSPF on the inside on the network. This will take care of your outbound traffic.

Since you are using the same provider for both connections you can have them add floating statics for you public blocks so that 192.231.40.0/25 can be routed to campus B in the event of an outage and vice versa. This will take care of your inbound routing.

Hope this helps,

Jason

0 Helpful
Customers Also Viewed These Support Documents