07-05-2007 06:37 AM - edited 03-03-2019 05:44 PM
I am looking at adding a second internet connection for my business and connecting them to a 1812 router. They will be different types through different providers to give real redundancy. How would you suggest configuring this for true redundancy/failover? Using OER or just by routing protocol? What about security? Would you use the router as the firewall or add an ASA inside the router to provide a separate firewall and VPN device?
07-05-2007 06:43 AM
Hello,
I think that you cannot use neither routing protocols nor OER, because you will not be able to use a same subnet (prefix) with both ISPs. That would require BGP, An AS number, and possibly PI address space, all things that are very complicated to obtain.
So I guess, like it is becoming more and more common now, you can in practice only use NAT to both providers for redundancy. A router is perfectly adequate to do that, and is an excellent firewall too. Still, some people like the ASA better.
Hope this helps, please rate post if it does
07-05-2007 06:47 AM
With just using NAT, is it possible to load balance outgoing traffic?
Incoming traffic will obviously depend on which IP address the connection is going to.
07-05-2007 07:28 AM
Yes. With two default routes, it will load balance. The return traffic will be on the interface that has started the outgoing, so again load balancing.
After observation, if you notice one link more loaded that the other, you can manually tune so that some popular destination will go out preferentially over one link.
07-05-2007 07:43 AM
Thanks for the info. I will be moving forward with that in the very near future.
07-05-2007 07:54 AM
Thanks for the nice rating and good luck. Come back when you have the link and we can gave some config advice.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide