07-25-2018 05:53 PM - edited 03-05-2019 10:48 AM
So if I have a destination that a FW must reach that does not return pings (goes from FW to ISP router through internet to Destination), what is the best IP to track in SLA configs? I know some may use 8.8.8.8, but any better ideas? The ISP router assigns the FW a DHCP address, so I should see the ISP addy by show arp, correct? I don't want to use the ISP router IP because a connection along the path to the destination could go down but the ISP router IP is still pingable, and therefore traffic would not fail over to the standby FW, which goes to another ISP router.
Any ideas?
What if you only have one FW but 2 ISP routers? Would configuring redundant interfaces on the FW (one to ISP1 and the other to ISP2) be a good option for redundancy?
07-25-2018 07:41 PM
Hi,
Your description of the problem is a bit vague. Could you post a brief diagram of your setup?
Do you have 2x internet edge routers going to different ISPs?
07-27-2018 10:18 AM
It is pretty basic. See attachment.
Basically, the end host to reach has pings turned off. I know I can track the interface of the ISP router, but is it better to track something else reachable on the internet like 8.8.8.8 instead of tracking, let's say, the ISP inside (int to the switch)?
07-27-2018 11:54 AM
Your diagram shows only 1 connection.
Yes, if you have 2 ISPs and you want resilience for the connection, you can use SLA to track.
If link 1 fails, move to the 2nd link... and once link 1 comes back, you can also configure it to preempt.
BB
07-27-2018 12:28 PM
OK, so is it best to track the inside link instead of configuring to track a ping of an IP on the internet such as 8.8.8.8?