Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
705
Views
0
Helpful
1
Replies

ISP REDUNDANCY B/W (1 ISR router connection to 2 X Cluster Checkpoint firewall)

sharanb4u
Level 1
Level 1

‎02-17-2018 12:00 PM - edited ‎03-05-2019 09:56 AM

Dear All,

 

I have a query regarding the following setup as explained

 

we have 2 ISPs, and we have obtained /30 and /29 Public pool from each ISP.

/30 for WAN links, /29 for ISR router and Checkpoint firewall connectivity and  (Basically LAN and WAN pool)

 

we have ONE ISR router and TWO checkpoint firewall configured in Cluster mode.

 

 

Need to configure ISR router and Checkpoint firewall for ISP redundancy ACTIVE/STANDY mode.

 

Do we need to configure BGP for Acitve/Standy config on ISR router.

Please suggest/guide

 

Thank you in advance.

Labels:
Preview file
124 KB
0 Helpful
1 Reply 1

pigallo
Cisco Employee
Cisco Employee

‎02-17-2018 12:42 PM

Hello,

to achieve fast rerouting in your configuration, if your ISP links do not belong to different VRFs, you could set two BGP sessions to each ISP.

Then configure a higher Local preference towards the ISP that you want use to forward packet out first and leaving second neighborship active with default LP. This is to manipulate outoing traffic.

 

To influence inbound traffic to your network configure different origin codes towards the two speakers to make traffic entering from second ISP as a less preferrable path.

If one session fails you already have the second BGP neighbor ready to route traffic in/out.

You could also consider the idea to implement BFD to speed up the control plane fault detection.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card