Redundant t1 with vpn failover

matt.kurtzhals · ‎02-18-2008

We have a VPN connection to a service provider for an ASP connection. I would like to bring in a second t1 for maybe load balancing and recovery. Our vpn tunnel is between a cisco concentrator and a watchquard firewall. Is there any possible way of setting up a failover link if isp A were to failover and isp b would take over? I am guessing this is going to have to be a manaual process of setting up the tunnels. Not sure of any way to do this with static ips from ISPs. I am guessing there maybe a way to do this with BGP??

spremkumar · ‎02-18-2008

Hi

can you revert back on whether you have any routing devices in between where the wan link is getting terminated on these locations ???

if its so then you can think off having either a load balancing or a redundancy scenario out there on those links connected to a routing device.

regds

shivlu jain · ‎02-19-2008

Yeah you can configure the failover by using the HSRP Or VRRP in your lan in which the default gateway wull always be your virtual ip address.

You can also use the same by defining 2 groups which can fulfil your requirement for the load balancing.

I have one other option which is already tested in live scenerio i.e PBR with this you can make one isp primary for the sap or oracle trafic and rest of the traffic will be forwarded to the another isp. In case of failure redundancy will proper work . IN this you have to run the dynamic protocol between the two lan links.

regards

shivlu