Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1012
Views
0
Helpful
1
Replies

Accessing Our IP through Different ISP

CCIE Aspirant
Level 1
Level 1

‎11-05-2021 12:29 PM

Hi,

we have purchased a /22 Subnet from RIPE. we have our own Public ASN as well. we need to have a design to define our IP at our two routers. one router is connected to one ISP and one to another ISP and both routers will have same ASN for both ISP. we will make these Public IP as source loopback for our IPSEC tunnel to remote site. we will divide these /22 into 4 /24 subnets.

 

so my question is that can we get these 4 /24 subnets through both ISP? Like ISP 1 can give us access to our 4 subnets and ISP 2 can also give us access to our 4 subnets. I think  at same time we can not have access to our subnets through both isp but how we can achieve a kind of failover scenario if one isp goes down then still we can access our ip through other isp?

our remote sites will have ipsec tunnel to our router so in case one isp goes down we do not want our ipsec tunnel to goes down and still our remote site can have ipsec tunnel through other isp.

 

 

 

Labels:
0 Helpful
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎11-06-2021 01:56 AM - edited ‎11-06-2021 01:58 AM

First, for the backbone IP address for the outside interface you need to have a fixed IP going to ISP1 or ISP2, using those IP addresses you will have VPN Connection (personally these will not be required to go to different IP addresses)

 

Rest of the IP addresses, you can announce to both the ISP and make Preference to use which ISP they need to use, Once that is working, you can Traffic Engineering based on the failure scenario.

 

example :

 

https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13762-40.html

 

 

Hope on the brach you like to run BGP too ? or just static IP to connect to HQ (or Main office ?)

You need to Build 2 tunnels at the branch make decisions based on the failure scenarios to fail over.

 

Note: this is high level, depends on infrastructure, make a small network diagram for you to process this plan and understand the failure scenarios to come up with a plan.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents