Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
927
Views
0
Helpful
4
Replies

Dual-Home Internet Connectivity Design Help

yogesh.suryawanshi
Level 1
Level 1

‎10-14-2009 12:12 AM - edited ‎03-04-2019 06:22 AM

Hi All,

Need your help on Dual- homed internet connectivity design.

Please refer the attached diagram & following design requirements

Information

• We have our own APNIC range public ip address let's say /24 range A and B

• Router 1 connects to SP provider 1 & Router 2 connects to Service provider 2

• With Both SP we decided to run BGP session and advertise both APNIC range with both SP

• We do NAT or PAT our internal IP's at dedicated firewall with APNIC ip's

• We do segregation of Internet browsing & Project traffic at firewall ( APNIC Range A for Projects & APNIC B for internet browsing)

• VPN concentrator to be connected on DMZ interface of Firewall & outside interface of concentrator towards internet router.

• VPN connector will be used for some projects traffic.

Requirement

Need to meet following requirements

• Project specific traffic needs to go via primarily Service Provider-1 & when primary fails should go via Service Provider-2

• Auto Failover is strongly recommended Project specific traffic.

• Internet browsing traffic should only go via Service Provider-2 only. We are ok if SP-2 fails & browsing stops.

Yes…this requirement would need policy based routing may be at router or at switch before the router.

Need your help to get the best design which meets the requirements.

Thanks in Advance

Regards

Yogesh

Labels:
Preview file
29 KB
0 Helpful
4 Replies 4

paolo bevilacqua
Hall of Fame
Hall of Fame

‎10-14-2009 02:48 AM

Since your design has some complexity, would eb a good idea for you to take use of a certifies and reputable cisco engineer of proven experience.

The advice you can get on forums can never be complete enough to accomplish a business, an the implementation and testing pahse can be very long an painful if you do not have the necessary experience.

0 Helpful

yogesh.suryawanshi
Level 1
Level 1
In response to paolo bevilacqua

‎10-14-2009 03:05 AM

Hi,

I just need to have thoughts or logic which can meet this design requirment.

Hope someone will help with logic /idea

Regards

Yogesh

0 Helpful

Not applicable
In response to yogesh.suryawanshi

‎10-14-2009 03:53 AM

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card