05-27-2014 02:21 PM - edited 03-11-2019 09:15 PM
I wanted to know how I would be able to configure ISP failover. I need to be able to access the exchange server as usual when this happens though. Any ideas on how to make that happen? Outgoing failover seems to be straight forward with static routes, IP SLA, and Natting with Route-maps but the incoming bits seems a bit illusive based on my research. Just looking for insight from anyone who has done this in a real-world situation so I can anticipate any hiccups that may arise...
Solved! Go to Solution.
05-28-2014 07:00 AM
Just for clarification, the ASA is not able to have route-maps. that is router function.
Other than that, yes the inbound traffic will be more difficult. The problem here will mainly be DNS. Since your exchange and perhaps even web traffic will be going towards company.com, this name will be resolving to the ASA's outside interface. So when the failover happens you would need to redirect those URLs to the new public IP.
The best option here, would be to do it manually. A pain, yes, but in my opinion the best option.
Another option, though I have never tried this, so am not 100% sure it will work and its use depends on your companies policies and a few other factors such as if the webserver and exchange server are on the same physical server. You could use something like No-IP to dynamically update DNS records. This is installed on the server..if i remember correctly...and it constantly checks in with its current IP and dynamically updates its public DNS record.
--
Please remember to select a correct answer and rate
05-29-2014 04:01 AM
Normally when you set up exchange on outlook, or access it through outlook web access...etc. you enter something like mail.company.com or mail.company.com/owa...or similar. The domain name is you bought needs to be "pointed" at your public IP address so you are able to access that IP by using the URL. These settings are found when you log into the website of the company you bought the domain from...normally.
So, If you want to use two different ISPs for redundancy, you would need to somehow redirect that email and web traffic to the second ISP when the primary ISP has failed.
When I say do it manually, I mean that you should go into the settings for your domain name and "point" the domain name to the backup ISP IP when there is a failover situation.
--
Please remember to select a correct answer and rate
05-28-2014 07:00 AM
Just for clarification, the ASA is not able to have route-maps. that is router function.
Other than that, yes the inbound traffic will be more difficult. The problem here will mainly be DNS. Since your exchange and perhaps even web traffic will be going towards company.com, this name will be resolving to the ASA's outside interface. So when the failover happens you would need to redirect those URLs to the new public IP.
The best option here, would be to do it manually. A pain, yes, but in my opinion the best option.
Another option, though I have never tried this, so am not 100% sure it will work and its use depends on your companies policies and a few other factors such as if the webserver and exchange server are on the same physical server. You could use something like No-IP to dynamically update DNS records. This is installed on the server..if i remember correctly...and it constantly checks in with its current IP and dynamically updates its public DNS record.
--
Please remember to select a correct answer and rate
05-29-2014 03:50 AM
05-29-2014 04:01 AM
Normally when you set up exchange on outlook, or access it through outlook web access...etc. you enter something like mail.company.com or mail.company.com/owa...or similar. The domain name is you bought needs to be "pointed" at your public IP address so you are able to access that IP by using the URL. These settings are found when you log into the website of the company you bought the domain from...normally.
So, If you want to use two different ISPs for redundancy, you would need to somehow redirect that email and web traffic to the second ISP when the primary ISP has failed.
When I say do it manually, I mean that you should go into the settings for your domain name and "point" the domain name to the backup ISP IP when there is a failover situation.
--
Please remember to select a correct answer and rate
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide