Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
137
Views
0
Helpful
1
Replies

Route for mutiple VLANs and failover for ISPs

ckeyy
Level 1
Level 1

‎10-20-2024 02:53 AM

In my setup, I have 10 VLANs that all need internet access. The issue I encountered is that only one VLAN is able to reach the internet using its next hop to the firewall. I tried configuring 10 separate default routes for each VLANs, but while I was able to ping 8.8.8.8, I couldn't ping the ISP gateway. The internet connection was unstable—pages would start loading but never fully load. However, when I configured a single default route for VLAN 10, I was able to browse the internet normally for VLAN 10 network only.

Additionally, I set up an SLA for backup ISP failover, but when I disconnected the primary ISP, the failover didn’t work.

 

Configured in core switch: VLANs, SVI, Port Channel, and default route (ex. ip route 0.0.0.0 0.0.0.0 <subinterfaces ip>)

Configured in firewall: Port channel-subinterfaces of vlans, auto nat dynamic for each vlan (example. source: subinterface of vlan 10, original address: network of vlan 10, destination: outside interface, translated address: interface), static route to isp gateway, inside to outside policy 

 

Nat only configured for ISP 1, should I configure the nat for isp 2?

My configuration for SLA monitor.... ISP 1: metric-1, monitor address-ISP 1 address, target interface-isp 1 outside interface......... ISP 2: metric-10, monitor address-ISP 2 address, target interface-isp 2 outside interface. 

ISP 1 IP: STATIC, ISP 2 IP: DHCP. Their ISP 2 is dhcp, so I set the available IP to static in the firewall outside interface ip for connection to ISP 2.

 

 

ckeyy_0-1729417998221.png

 

Labels:
0 Helpful
1 Reply 1
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card