Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Dual ISP/Dual Firewalls configuration...

I am in the process of configuring our network with dual internet connections through separate firewalls using different ISP carriers. We will be using BGP for inbound traffic, but how do I configure our outbound traffic for internet failover? I am running OSPF internally on all the core switches. Our current internet connection is in our Data Center 1 (as noted in the drawing) and the 2nd, proposed, connection will be at our Headquarters. I want the traffic to go through Data Center 1 and if there is an issue, failover to the Headquarters ISP. I currently have my gateway of last resort routes mapped to the Data Center 1 connection. I assume I need to remove those routes and let OSPF handle default routes? Any help will be greatly appreciated. TIA.

New Member

Re: Dual ISP/Dual Firewalls configuration...


I'm only a CCNA student, so I can make a mistake..

But I try to give you my solution.

You probably configured the boundary router of Data Center 1 as the gateway of last resources whit the link to ISP as exit interface.

The OSPF has an Administrative Distance of 110

If you put a default static route on this gateway ( to the Headquarter exit )

with command ip route you can set 111 as Administrative Distance ( not using 1 as default)

this route won't be the best route untill the link from data Center 1 and ISP is up.

If this link fails the default route will be added in the routing table.

New Member

Re: Dual ISP/Dual Firewalls configuration...

I found a url who explains this method.

It's called Floating Static Routes

New Member

Re: Dual ISP/Dual Firewalls configuration...

Seems easy enough. I'll give that a try.