| Author |
Message |
jbeez
Guest
|
 Posted:
Wed Dec 07, 2005 12:37 am Post subject:
redundant link, HSRP? |
|
|
I havea pix 501 and a managed T1 comming into the building. I need
something incase that T1 drops. It can be as advanced as auto failover,
or as simple as me calling someone up at the branch and having them
move a cat5 cable from one device to another.
I was thinking of HSRP, but I would need access to both the routers and
the people who manage the T1 now said they will not setup HSRP with us,
and if we want to do that I need to change the service to us managing
it.
We were thinking of a dsl circuit for the backup link, I just need to
find a reliable way to make it kick over to that if/when the T1 drops.
My only requirement for a working setup is that my pix501 connects to
our 3020 to establish a vpn tunnel, I don't need the same IP, and I
would go through nat if I had to.
How would you guys handle this situation?
I've thought of unmanaged T1 w/ an extra ethernet card for a connection
from a dsl modem/router and somehow have it switch to route over the
DSL if the serial int goes down,
I've thought of 2 routers with HSRP in the same setup w/ unmanaged T1
so I can have it failover to the dsl, and if the T1 comes back up have
the T1 router be the active link again,
I've thought of a managed T1 going to the managed router, and two
seperate routers behind it doing HSRP.... but I don't know how that
would work since the ethernet of the T1 would still show up/up if the
serial goes down.
I also thought of having two PIX501s and just plugging one in at a
time, IE monitor the s0 int of the T1 router and if its up have someone
go and move the cat5 from the dsl connected pix to the T1 connected pix. |
|
| Back to top |
|
 |
Anthrax
Guest
|
| Posted:
Thu Dec 08, 2005 9:21 am Post subject:
Re: redundant link, HSRP? |
|
|
On 12/6/2005 10:37 AM, jbeez wrote:
-------- Original Message --------
| Quote: | I havea pix 501 and a managed T1 comming into the building. I need
something incase that T1 drops. It can be as advanced as auto failover,
or as simple as me calling someone up at the branch and having them
move a cat5 cable from one device to another.
I was thinking of HSRP, but I would need access to both the routers and
the people who manage the T1 now said they will not setup HSRP with us,
and if we want to do that I need to change the service to us managing
it.
We were thinking of a dsl circuit for the backup link, I just need to
find a reliable way to make it kick over to that if/when the T1 drops.
My only requirement for a working setup is that my pix501 connects to
our 3020 to establish a vpn tunnel, I don't need the same IP, and I
would go through nat if I had to.
How would you guys handle this situation?
I've thought of unmanaged T1 w/ an extra ethernet card for a connection
from a dsl modem/router and somehow have it switch to route over the
DSL if the serial int goes down,
I've thought of 2 routers with HSRP in the same setup w/ unmanaged T1
so I can have it failover to the dsl, and if the T1 comes back up have
the T1 router be the active link again,
I've thought of a managed T1 going to the managed router, and two
seperate routers behind it doing HSRP.... but I don't know how that
would work since the ethernet of the T1 would still show up/up if the
serial goes down.
I also thought of having two PIX501s and just plugging one in at a
time, IE monitor the s0 int of the T1 router and if its up have someone
go and move the cat5 from the dsl connected pix to the T1 connected pix.
|
I would go with statefull fail over
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008008996b.html#wp4315
But if you have a router behind that pix that can handle fail over with
static floating routes and tracking objects that would be great.
http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080457bcc.html
http://www.ciscotaccc.com/accessdial/showcase?case=K11609222
Hope this helps.
--
2nd Law of Thermodynamics: Chaos will Reign.
///////////////////
--Anthrax--
//////////////////
Posted Via Usenet.com Premium Usenet Newsgroup Services
----------------------------------------------------------
** SPEED ** RETENTION ** COMPLETION ** ANONYMITY **
----------------------------------------------------------
http://www.usenet.com |
|
| Back to top |
|
|
jbeez
Guest
|
| Posted:
Thu Dec 08, 2005 5:20 pm Post subject:
Re: redundant link, HSRP? |
|
|
I don't believe anything below a pix515 can do failover, at least I
can't issue any of the failover commands on my 501s and I'm not finding
any documentation to support otherwise. |
|
| Back to top |
|
|
Anthrax
Guest
|
| Posted:
Fri Dec 09, 2005 5:01 am Post subject:
Re: redundant link, HSRP? |
|
|
On 12/8/2005 8:53 AM, jbeez wrote:
-------- Original Message --------
| Quote: | I don't believe anything below a pix515 can do failover, at least I
can't issue any of the failover commands on my 501s and I'm not finding
any documentation to support otherwise.
Yes you are right, read to quick your post and did not realize of the |
platform you have, the if you have a router behind you might want to do
PBR with tracking objects and floating static routes.
--
2nd Law of Thermodynamics: Chaos will Reign.
///////////////////
--Anthrax--
////////////////// #end |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in