cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
665
Views
0
Helpful
5
Replies

Internet at two locations with one as a backup

Tshi M
Level 5
Level 5

I have two Internet services setup at two locations. One of the location is purely for backup purposes. I'd like to provide failover from one provider to the other internally to the users. We don't host any web servers or such. I only want the internal users to be able to use the second location in case of failure with the internet at our primary location. the configuration of both sites is as:

Layer3_switches<->ASA<->Internet_Router.

We have two ethernet connections between both locations

regards,

5 Replies 5

Richard Burts
Hall of Fame
Hall of Fame

Etienne

There is not enough information here about your environment for us to give you very good answers. If you can help us understand your situation a bit better we might be able to give you better answers. You talk about 2 Internet connections but do not tell us if both are through the same provider or are through different providers. You do not tell us whether the Internet connection is running any routing protocol with the provider or if they just have a static default route to the providers. You also do not tell us whether you are running a routing protocol inside your network and if so what it is.

In general it should be quite possible to set up one Internet connection as the primary and to use the other Internet connection as a backup or failover connection. The details of how to do it are dependent on the questions to which we do not yet know answers.

HTH

Rick

HTH

Rick

My apologies for the lack of details. We are using two separate ISPs and currently only using static routes on the internet routers and the internal environment uses EIGRP. Attached is a jpg of what it looks like.

Etienne

The additional information and the drawing are helpful. If you are using EIGRP as the internal routing protocol then you would want to redistribute the default route at the primary location into EIGRP with some metric and then you would redistribute the default route at the other location into EIGRP with a metric that is worse than the primary. If the metric is worse then EIGRP would only use the backup default route if the primary default route fails.

You would want to make sure that if the primary Internet connection goes down that the default route over it is withdrawn in EIGRP. With some interfaces such as point to point serial this usually happens automatically. With other like Ethernet you may need something like object tracking to make sure that the route gets withdrawn.

HTH

Rick

HTH

Rick

Thanks Rick,

I thought of all the above (i.e. redistributing and object-tracking). I am just wondering if this can be done with all the ASAs in between the Internet routers and the main switches at each location.

I ended up setting up the Internet at each site primary for its own site and use the other site as backup.

I am using icmp object tracking and redistributing each statis route into EIGRP. Because of the WAN link, each site will favor its own internet and fails over to the other site if track goes down.