03-31-2023 05:40 AM
I have FTD1010 and customer want to have dual ISP Active\Standby and LTE 3rd backup
So he need high availability by using dual ISP contention Active and Standby, and in case both ISP are down he need 3rd LTE backup for selected Phones and Computers only
IS that possible with FTD1010 ? and how
Thanks
Solved! Go to Solution.
03-31-2023 05:50 AM
@HaniAbuelkhair6735 use IP SLA and track the primary and secondary ISP connections. If the first ISP link goes down the default route via that link is removed from the routing table, the default route (with a higher metric) of the secondary link is used. If both the primary and secondary links are down then use the tertiary link (LTE). If you wish to limit traffic on the 3rd LTE link then you can control that traffic in the ACP using zones or only create NAT rules for the phones and computer networks when using the LTE interface.
03-31-2023 05:50 AM
@HaniAbuelkhair6735 use IP SLA and track the primary and secondary ISP connections. If the first ISP link goes down the default route via that link is removed from the routing table, the default route (with a higher metric) of the secondary link is used. If both the primary and secondary links are down then use the tertiary link (LTE). If you wish to limit traffic on the 3rd LTE link then you can control that traffic in the ACP using zones or only create NAT rules for the phones and computer networks when using the LTE interface.
03-31-2023 06:46 AM
Thanks
So i will have 2 default route for the 1st and 2nd ISP or 3 even for the LTE ?
And for the Phones and selected computers they should have static IP ?
03-31-2023 05:55 AM - edited 03-31-2023 07:34 AM
using PBR or ACL, that interest thing.
if I found something I will share here
03-31-2023 06:21 AM
I found this is the active\standby
https://integratingit.wordpress.com/2021/05/06/ftd-dual-isp-using-fdm/
but not sure about the LTE 3rd backup
03-31-2023 06:29 AM
Well the FPR1010 doesn't support LTE only ethernet interfaces, so you'd have to plug in a router with LTE to the firewall. Then treat it as another routed interface on the Firewall. Configure SLA and tracking for both the primary and secondary (as per the first response) and failover to the 3rd link.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide