I havea pix 501 and a managed T1 comming into the building. I need something incase that T1 drops. It can be as advanced as auto failover, or as simple as me calling someone up at the branch and having them move a cat5 cable from one device to another.
I was thinking of HSRP, but I would need access to both the routers and the people who manage the T1 now said they will not setup HSRP with us, and if we want to do that I need to change the service to us managing it.
We were thinking of a dsl circuit for the backup link, I just need to find a reliable way to make it kick over to that if/when the T1 drops.
My only requirement for a working setup is that my pix501 connects to our 3020 to establish a vpn tunnel, I don't need the same IP, and I would go through nat if I had to.
How would you guys handle this situation?
I've thought of unmanaged T1 w/ an extra ethernet card for a connection from a dsl modem/router and somehow have it switch to route over the DSL if the serial int goes down,
I've thought of 2 routers with HSRP in the same setup w/ unmanaged T1 so I can have it failover to the dsl, and if the T1 comes back up have the T1 router be the active link again,
I've thought of a managed T1 going to the managed router, and two seperate routers behind it doing HSRP.... but I don't know how that would work since the ethernet of the T1 would still show up/up if the serial goes down.
I also thought of having two PIX501s and just plugging one in at a time, IE monitor the s0 int of the T1 router and if its up have someone go and move the cat5 from the dsl connected pix to the T1 connected pix.