11-22-2023 06:10 AM - edited 11-22-2023 06:27 AM
Dear Cisco Community,
One of our customer has the following business need:
Currently, the customer has one border router with three ISPs. As usual, each ISP delivers only one public IP address to that router. However, there is an emerging need to have second router at the border. This new router will work only as standby, and it will take over just in case the primary router has failed.
The question here is about the usage possibility of just one public IP address given by the ISP, which would be shared virtually by these two routers, using a FHRP protocol, like HSRP (Cisco) or VRRP (IETF) to the WAN (ISP).
On this sense, is it possible to use a FHRP, configuring the single public IP address as a Virtual IP, which could be shared by these two border routers, for the WAN side (ISP faced)? If for some reason, it would be not possible, is there another known aproach for this kind of scenario?
Solved! Go to Solution.
11-22-2023 06:44 AM
I review it
SW connect ISP to both hsrp routers with one public IP from ISP dont work.
You need to use router instead of SW and NATing
Then connect this router to both hsrp routers.
11-22-2023 06:19 AM
depends on how your network Look like - if you have any rough diagram share to suggest better
Most Industry use case IP SLA and fail over - or you can also use both the link if you like to using PBR and Fail over method
some guidance below document can help you :
11-22-2023 06:26 AM
11-22-2023 09:23 AM
is this real or Lab environment.
You have different Failure scenarios here, Router and Firewall
so If you can add another ASA Interface connecting to other Router you can make Fail over
Also wroth adding switch between Router ASA FW also decent change to meet the requirement.
If the Router to ASA have Private IP then, that where you add Switch and introduce HSRP
check below example to help you
https://www.balajibandi.com/?p=1932
11-22-2023 06:22 AM
Add any router connect it to ISP and do NATing then connect this routet to other hsrp routers.
Using one public ip not work for any fhrp.
MHM
11-22-2023 06:33 AM
Dear @MHM Cisco World,
I just uploaded the network topology. Please take a look at it.
11-22-2023 06:44 AM
I review it
SW connect ISP to both hsrp routers with one public IP from ISP dont work.
You need to use router instead of SW and NATing
Then connect this router to both hsrp routers.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide