redundant link, HSRP?
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||||||||
|
Posted by jbeez on December 6, 2005, 1:37 pm
Please log in for more thread options something incase that T1 drops. It can be as advanced as auto failover, or as simple as me calling someone up at the branch and having them move a cat5 cable from one device to another. I was thinking of HSRP, but I would need access to both the routers and the people who manage the T1 now said they will not setup HSRP with us, and if we want to do that I need to change the service to us managing it. We were thinking of a dsl circuit for the backup link, I just need to find a reliable way to make it kick over to that if/when the T1 drops. My only requirement for a working setup is that my pix501 connects to our 3020 to establish a vpn tunnel, I don't need the same IP, and I would go through nat if I had to. How would you guys handle this situation? I've thought of unmanaged T1 w/ an extra ethernet card for a connection from a dsl modem/router and somehow have it switch to route over the DSL if the serial int goes down, I've thought of 2 routers with HSRP in the same setup w/ unmanaged T1 so I can have it failover to the dsl, and if the T1 comes back up have the T1 router be the active link again, I've thought of a managed T1 going to the managed router, and two seperate routers behind it doing HSRP.... but I don't know how that would work since the ethernet of the T1 would still show up/up if the serial goes down. I also thought of having two PIX501s and just plugging one in at a time, IE monitor the s0 int of the T1 router and if its up have someone go and move the cat5 from the dsl connected pix to the T1 connected pix. | |||||||||||||
|
Posted by Anthrax on December 8, 2005, 12:22 am
Please log in for more thread options On 12/6/2005 10:37 AM, jbeez wrote: -------- Original Message -------- I would go with statefull fail over http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008008996b.html#wp4315 But if you have a router behind that pix that can handle fail over with static floating routes and tracking objects that would be great. http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080457bcc.html http://www.ciscotaccc.com/accessdial/showcase?case=K11609222 Hope this helps. -- 2nd Law of Thermodynamics: Chaos will Reign. /////////////////// --Anthrax-- ////////////////// Posted Via Usenet.com Premium Usenet Newsgroup Services ---------------------------------------------------------- ** SPEED ** RETENTION ** COMPLETION ** ANONYMITY ** ---------------------------------------------------------- http://www.usenet.com | |||||||||||||
|
Posted by jbeez on December 8, 2005, 11:53 am
Please log in for more thread options I don't believe anything below a pix515 can do failover, at least I
can't issue any of the failover commands on my 501s and I'm not finding any documentation to support otherwise. | |||||||||||||
|
Posted by Anthrax on December 8, 2005, 6:01 pm
Please log in for more thread options
On 12/8/2005 8:53 AM, jbeez wrote: -------- Original Message -------- > I don't believe anything below a pix515 can do failover, at least I
Yes you are right, read to quick your post and did not realize of the
> can't issue any of the failover commands on my 501s and I'm not finding > any documentation to support otherwise. > platform you have, the if you have a router behind you might want to do PBR with tracking objects and floating static routes. -- 2nd Law of Thermodynamics: Chaos will Reign. /////////////////// --Anthrax-- ////////////////// #end | |||||||||||||
| Similar Threads | Posted |
| redundant link, HSRP? | December 6, 2005, 1:37 pm |
| Redundant wan link | July 10, 2008, 10:10 am |
| Redundant link between to L3 switches | November 24, 2008, 3:55 pm |
| Redundant VPN on ASA | June 11, 2007, 11:09 pm |
| Redundant VPN config | June 8, 2006, 1:41 am |
| DMZ with Redundant Pix 525's | July 27, 2006, 11:36 am |
| redundant VPN Tunnel | October 2, 2006, 11:44 am |
| Redundant switch another try | March 6, 2008, 10:23 pm |
| Redundant frame network? | February 8, 2005, 2:37 am |
| Redundant Colocation Setup | August 16, 2005, 1:28 am |
| Redundant links between subnets | June 20, 2006, 11:02 am |
| spantree. No redundant links | October 20, 2006, 1:45 pm |
| [Semi OT] Redundant WAN Connections | June 12, 2007, 2:07 pm |
| Redundant switch second time | March 1, 2008, 5:29 pm |
| Adding redundant Sup720 to 6509 | March 8, 2006, 8:20 am |
> something incase that T1 drops. It can be as advanced as auto failover,
> or as simple as me calling someone up at the branch and having them
> move a cat5 cable from one device to another.
>
>
> I was thinking of HSRP, but I would need access to both the routers and
> the people who manage the T1 now said they will not setup HSRP with us,
> and if we want to do that I need to change the service to us managing
> it.
>
> We were thinking of a dsl circuit for the backup link, I just need to
> find a reliable way to make it kick over to that if/when the T1 drops.
>
> My only requirement for a working setup is that my pix501 connects to
> our 3020 to establish a vpn tunnel, I don't need the same IP, and I
> would go through nat if I had to.
>
>
> How would you guys handle this situation?
>
> I've thought of unmanaged T1 w/ an extra ethernet card for a connection
> from a dsl modem/router and somehow have it switch to route over the
> DSL if the serial int goes down,
>
> I've thought of 2 routers with HSRP in the same setup w/ unmanaged T1
> so I can have it failover to the dsl, and if the T1 comes back up have
> the T1 router be the active link again,
>
> I've thought of a managed T1 going to the managed router, and two
> seperate routers behind it doing HSRP.... but I don't know how that
> would work since the ethernet of the T1 would still show up/up if the
> serial goes down.
>
> I also thought of having two PIX501s and just plugging one in at a
> time, IE monitor the s0 int of the T1 router and if its up have someone
> go and move the cat5 from the dsl connected pix to the T1 connected pix.
>