i need assistance to config redundancy in below network. requirements are below and what I am planning to config is written.
as shown below DSL is connected directly to firewall and all client's internet traffic is going through DSL. DIA is for servers and published some ips like exchange and other services.
currently the setup is if DSL failed automatically all traffic will go through DIA.
now we have two private WAN isp1 and isp2 which is connected to cloud where we have some servers.
i am really confuse how to route the traffic between DIA link and ISP1 and ISP2 link. I want to use both ISP at the same time. e.g. userA will go through ISP1 and userB will go through ISP 2 I mean round robin. and load balance between router. e.g
if ISP1 link failed all traffic should go through to ISP2.
so which default gateway I should mentioned on Firewall. I was thing to config GLBP and IP SLA with PBR to route traffic.but I am not sure if it will work or not. because currently i have public IP on firewall outside interface and private WAN has private IP. also after that traffic should encrypt for traffic which is going through priavete WAN to access servers. i am thinking to config GETVPN but it require 1 seperate router. is there any other VPN work on Private WAN?
it is a bit hard to figure out what your actual traffic flow is, but GLBP does do load balancing, so maybe that is indeed an option. Use the GLBP virtual address as the default gateway for the firewall. That said, how is traffic from DIA hitting the firewall when you want to get from DIA to ISP1 and ISP2 ? On your drawing it looks like traffic from DIA would bypass the firewall ?
my apologies, but I cannot figure out your traffic flow. Can you mark (let's say with a green line) the primary traffic flow and (let's say with a red line) the backup traffic flow ?