cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
825
Views
0
Helpful
4
Replies

Dual-Home Internet Connectivity Design Help

Hi All,

Need your help on Dual- homed internet connectivity design.

Please refer the attached diagram & following design requirements

Information

• We have our own APNIC range public ip address let's say /24 range A and B

• Router 1 connects to SP provider 1 & Router 2 connects to Service provider 2

• With Both SP we decided to run BGP session and advertise both APNIC range with both SP

• We do NAT or PAT our internal IP's at dedicated firewall with APNIC ip's

• We do segregation of Internet browsing & Project traffic at firewall ( APNIC Range A for Projects & APNIC B for internet browsing)

• VPN concentrator to be connected on DMZ interface of Firewall & outside interface of concentrator towards internet router.

• VPN connector will be used for some projects traffic.

Requirement

Need to meet following requirements

• Project specific traffic needs to go via primarily Service Provider-1 & when primary fails should go via Service Provider-2

• Auto Failover is strongly recommended Project specific traffic.

• Internet browsing traffic should only go via Service Provider-2 only. We are ok if SP-2 fails & browsing stops.

Yes…this requirement would need policy based routing may be at router or at switch before the router.

Need your help to get the best design which meets the requirements.

Thanks in Advance

Regards

Yogesh

4 Replies 4

paolo bevilacqua
Hall of Fame
Hall of Fame

Since your design has some complexity, would eb a good idea for you to take use of a certifies and reputable cisco engineer of proven experience.

The advice you can get on forums can never be complete enough to accomplish a business, an the implementation and testing pahse can be very long an painful if you do not have the necessary experience.

Hi,

I just need to have thoughts or logic which can meet this design requirment.

Hope someone will help with logic /idea

Regards

Yogesh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco