Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
824
Views
2
Helpful
5
Replies

FTD 1010 WAN dual ISP Active\Standby and LTE 3rd backup

Go to solution
HaniAbuelkhair6735
Level 1
Level 1

‎03-31-2023 05:40 AM

I have FTD1010 and customer want to have dual ISP Active\Standby and LTE 3rd backup 

So he need high availability by using dual ISP contention Active and Standby, and in case both ISP are down he need 3rd LTE backup for selected Phones and Computers only

IS that possible with FTD1010 ? and how 

Thanks

1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎03-31-2023 05:50 AM

@HaniAbuelkhair6735 use IP SLA and track the primary and secondary ISP connections. If the first ISP link goes down the default route via that link is removed from the routing table, the default route (with a higher metric) of the secondary link is used. If both the primary and secondary links are down then use the tertiary link (LTE). If you wish to limit traffic on the 3rd LTE link then you can control that traffic in the ACP using zones or only create NAT rules for the phones and computer networks when using the LTE interface.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Rob Ingram
VIP
VIP

‎03-31-2023 05:50 AM

@HaniAbuelkhair6735 use IP SLA and track the primary and secondary ISP connections. If the first ISP link goes down the default route via that link is removed from the routing table, the default route (with a higher metric) of the secondary link is used. If both the primary and secondary links are down then use the tertiary link (LTE). If you wish to limit traffic on the 3rd LTE link then you can control that traffic in the ACP using zones or only create NAT rules for the phones and computer networks when using the LTE interface.

0 Helpful

Go to solution
HaniAbuelkhair6735
Level 1
Level 1
In response to Rob Ingram

‎03-31-2023 06:46 AM

Thanks 

So i will have 2 default route for the 1st and 2nd ISP or 3 even for the LTE ?

And for the Phones and selected computers they should have static IP ? 

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎03-31-2023 05:55 AM - edited ‎03-31-2023 07:34 AM

using PBR or ACL, that interest thing. 
if I found something I will share here 

0 Helpful

Go to solution
HaniAbuelkhair6735
Level 1
Level 1

‎03-31-2023 06:21 AM

I found this is the active\standby 

https://integratingit.wordpress.com/2021/05/06/ftd-dual-isp-using-fdm/

but not sure about the LTE 3rd backup 

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to HaniAbuelkhair6735

‎03-31-2023 06:29 AM

Well the FPR1010 doesn't support LTE only ethernet interfaces, so you'd have to plug in a router with LTE to the firewall. Then treat it as another routed interface on the Firewall. Configure SLA and tracking for both the primary and secondary (as per the first response) and failover to the 3rd link.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card