Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
392
Views
0
Helpful
4
Replies

Multiple Internet connections

mike.berka
Level 1
Level 1

‎08-07-2003 10:19 AM - edited ‎03-02-2019 09:26 AM

Hi all. Not sure if this belongs here or in the WAN section (it's a little of both), but here goes:

We currently have two corporate offices connected via point-to-point T1, terminating at 3640 routers. In our main office, we have a T1 to the Internet, connected through a PIX 515-R. We recently added a DSL line in the other office from a different carrier, also protected by a PIX 515-R. My question is this: how can we achieve redundancy? If one Internet link goes down, how can we dynamically reroute traffic down the inter-office T1 and out the other Internet link? Do we need to run BGP or is there a simple route map we can set up? Will running RIP between the PIXes accomplish this same thing? Any help or suggestions would be greatly appreciated.

Labels:
0 Helpful
4 Replies 4

ruwhite
Level 7
Level 7

‎08-07-2003 10:51 AM

Lots of questions here.... Are you using the same address space with both service providers (both service providers are advertising the address space you're using)? If so, how are you splitting the pool of addresses on the PIX?

Generally, as long as you are dynamically injecting a default from the pix back towards your network, and the default "goes away" when your connection to the ISP fails, the traffic should flow over the alternate link. You will most likely lose current sessions, and such, but you will come back up when you re-establish the session. Now, the real issue is getting the default to "go away" when the link to the ISP fails at one end. I assume there is a router, then an ethernet, then the pix, correct? If so, the either running BGP through the pix:

http://www.cisco.com/en/US/partner/tech/tk365/tk80/technologies_configuration_example09186a008009487d.shtml

Just to get the default down from the edge router through the pix, can be useful. Another option is to set up a static default on the edge router, and redistribute this into rip. Then run rip on the pix, and allow the default route through. Finally, run rip on the inside router, and redistribute the default route into your normal routing protocol.

So, there are a couple of options here; if you need help with a specific option, let us know.

Russ.W

0 Helpful

mschooley
Level 1
Level 1
In response to ruwhite

‎08-13-2003 10:38 AM

another consideration is if you are just talking outbound traffic (and responses), or do you have email and web servers that people from outside need access to. first case is fairly easy, second is much more difficult.

0 Helpful

mike.berka
Level 1
Level 1
In response to mschooley

‎08-13-2003 10:48 AM

Thanks for the suggestion. The redistribution of RIP seems to be working well. I was hoping for something a little more elegant; seems this shouldn't be so convoluted. I know the PIX finally supports OSPF... when oh when can I get EIGRP :)

0 Helpful

ruwhite
Level 7
Level 7
In response to mike.berka

‎08-13-2003 11:38 AM

The problem is that we've not been able to make much of a business case for eigrp through a pix. We have been working on eigrp _through_ a pix, and that should be coming at some point, just running eigrp on the pix is a little harder to get the pix folks to do.

Russ.W

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents