Overcoming inbound link resilience without dynamic routing
Greetings, im sure this question has been approached several times before but it would be appreciated if i could get some opinions.
We have a customer with two DSL connections coming into two different routers, we want to replace these connections with a local Ethernet service, so far so good, however the customer wishes to keep the DSl connections and terminate them on the same router as the Ethernet service.
Now normally what i would try to do is find a provider who can supply both the DSL and Ethernet circuits and run BGP to both load balance and provide resilience for inbound and outbound connections.
Unfortunately we can't in this situation, as per the diagram i am thinking of using the Ethernet service as the primary link, the address block attached to this circuit would be used on the outside of the ASA which would also NAT all outbound traffic to it's global address of 18.104.22.168, the router would be configured with a default route going to the Ethernet circuit, the DSL circuits would have higher metrics, i would also configure PAT for each DSL interface on the router which would mean that traffic is NATed both on the ASA and on the router in the event the Ethernet service fails.
What i hope to achieve is that outbound connections still work in the event of the ethernet service failing however i realise that inbound connections and outbound IPSEC connections are still going to fail if i NAT traffic twice.
Id be very happy to listen to any advice of how to overcome this without using dynamic routing if it is at all possible.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...