Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
658
Views
4
Helpful
5
Replies

Reg: Dynamic Switching of VPN client for Dual ISP

Janardhan Meesala
Level 1
Level 1

‎01-25-2012 02:04 AM - edited ‎03-07-2019 04:32 AM

Dear Experts,

I was enclosed my network scenario.

I have two ISP connections. One is primary and other one is secondary.

Regardsing Primary ISP, i have two types of IPs. One is WAN IP pool and other one is public pool to used for DMZ.

WAN ip i configured in Router outside interface and LAN public pool  i configured between Router inside interface and Firewall outside interface( Firewall is accessble from internet with the public IP configured on outside interface)

In firewall i terminated Secondary ISP directly on interface called backup.

Firewall configured for ISP failover with sla tracking and its working fine. And firewall also configured for IPSec remote access VPN for mobile users. This is also working fine.

But here i am facing problem with VPN users that whenever primary ISP link was down the VPN user has getiing disconnecting. The user has manullay shifted to the secondary ISP that was configured in VPN client software in user machine.

Is there any way of shifting dynamically one ISP to another ISP when one of ISP got problem.

Regards,

Janardhan

Labels:
Preview file
55 KB
0 Helpful
5 Replies 5

Vivek Ganapathi
Level 4
Level 4

‎01-25-2012 04:24 AM

Hello Janardhan,

Below is a link which has a discussion on the similar topic in the forum. This may help you.

https://supportforums.cisco.com/community/netpro/security/vpn/blog/2011/04/25/ipsec-vpn-redundancy-failover-over-redundant-isp-links

Thanks

Vivek

*please do rate if helpful

Janardhan Meesala
Level 1
Level 1
In response to Vivek Ganapathi

‎01-25-2012 05:32 AM

HI Mr. Vivek,

Thanks for your prompt reply. I am verifying same with my customer. I hope

it will work.

I have on more query on this. How can i use my primary ISP given public IPs

through the secondary ISP when my primary ISP was down.

Regards,

Janaradhan

On Wed, Jan 25, 2012 at 5:54 PM, v.ganapathi <

0 Helpful

Vivek Ganapathi
Level 4
Level 4
In response to Janardhan Meesala

‎01-25-2012 06:22 AM

You cannot use the primary ISP routable IP pool on your secondary ISP.

0 Helpful

Janardhan Meesala
Level 1
Level 1
In response to Vivek Ganapathi

‎01-25-2012 06:40 AM

HI Mr. Vivek,

If i run BGP in my router, then it will advertise my primary public pool to

the secondary ISP. Is right or not???

Regards,

Janardhan

On Wed, Jan 25, 2012 at 7:52 PM, v.ganapathi <

0 Helpful

Vivek Ganapathi
Level 4
Level 4
In response to Janardhan Meesala

‎01-25-2012 07:20 AM

Yes, you may advertise it, but when you loose the reachability to your primary ISP, ultimately you loose your BGP session as well & then even your advertisements

Hope its clear.

Thanks

Vivek

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card