Cisco WAN :: 6509 - 2 ISPs From One Network
Nov 26, 2011
I have a second link being installed this week to a second ISP. Each ISP has tunnels that terminate on there routers for various services. Right now on the 6509 I have a static default route which sends all traffic to ISP one. Once I get the second link installed I would only like to send specific traffic to ISP1 and everything else to ISP2 unless the link is down. Would policy routing on the 6509 fit my needs?I would like to send 172.20.0.0 / 24 and 10.25.0.0 to isp one and everything else to ISP2.
View 4 Replies
ADVERTISEMENT
Sep 21, 2011
We are implementing the network design between the two sites (OLD Data center and NEW Data Center), scheme in attachement.
We have chosen this scheme on the following criteria:
- A single IP network between the sites (for simplicity migration);
- Fault tolerance via different ISPs.
But the problem is L2 etherchannel doesn't work correctly: When one side port is shutting down, on the other side etherchannel will not rebuild and does not see that link down on the other end. We have tried to use LACP in etherchannel (mode active on ports), but result was the same. Is it on the ISPs side?
Should we use this design or we have to subneting the network and make connections between the data centers classically with L3 channels and OSPF?
The configures of Core ports listed below:
OLD data center core (Cat 6509):
interface GigabitEthernet2/6
description #### TO DATA-CENTER core 1#####
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 5
switchport mode trunk
logging event link-status
View 1 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3
I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis?Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3.I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis. Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Oct 30, 2011
Currently we have a T1 for data connected to a 1721 Router that is connected to an ASA 5510. We would like to add a FIOS line for dedicated online backup. Is it possible to connect the FIOS router to the ASA and route the IP from our backup server to use the FIOS line and everyone else continue to use the T1?
View 3 Replies
View Related
Jul 10, 2011
We got 2 ISPs -------> two ASA 5520 Primary / secondary --------> LAN . ASA is configured with ACL and Static NAT for our mail , web & ftp servers .
My question is how to configure the 2nd ISP on the ASA to auto switch to the 2nd ISP when the 1st is down with a backup static NAT and backup ACL for the new ISP , in other words how to configure a active static NAT and Backup Static NAT and ACL only for Exchange/Mail Server.Here is the example of our configuration where PIE is Primary ISP & EMC is Backup ISP.
ASA Version 8.2(1)
hostname Corp-ASA
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
[code]....
View 1 Replies
View Related
Apr 21, 2012
I have a 192.168.1.xxx network connected to Verizon FIOS via Actiontec MOCA / router.I also have a 192.168.15.xxx network connected to Comcast via Motorola VT2442 router (used for Vonage) and a Motorola SB6121 cable modem. Each network has it's own gigabit switch connected to each router. The two networks are physically separated but switches and routers are physically side by side.What is the best configuration to allow devices on 192.168.1.xxx network to communicate with devices on the 192.168.15.xxx network (share printers, NAS, etc), but still have each network served by it's respective ISP, and each device still get it's dhcp, dns, gateway, etc from each respective router?
View 10 Replies
View Related
Feb 12, 2013
How I can get a list of Tier 1 ISPs?
View 2 Replies
View Related
May 9, 2012
Would one phone line be able to support two ISPs? The rest of my family is using an AT&T line and I'm less than amused with it's performance for 4+ people. I have an unused phone jack available but I'm concerned about ordering the installation package only to find that I need a new phone line)
View 4 Replies
View Related
Apr 17, 2012
I am running a home configuration where there are 2 PC's each using a different ISP. If one of those ISP's goes down, I would like both PC's to switch over to the working ISP.
View 5 Replies
View Related
Nov 11, 2012
The problem is the memory available in common BGP-routers. A sup720-3BXL for example, a widly used sup-engine for handling BGP as far as I know, is getting to the limit of its memory size, depending on the number of upstream-providers connected to it.What are you doing, what are major ISPs doing, to circumvent this problem? setting up some server, working as route-reflector, and with a high level of summarizing routes, above supernetting? But at the cost of stability? Or buying new hardware, supporting bigger table? For example the RSP720-3CXL-10GE with up to 4GB memory? But how long will it last? Or a ASR-9001 with 8GB memory or even the ASR9k6 + RSP440 with 12GB mem?
View 19 Replies
View Related
Jul 18, 2011
Is it possible to configure multiple ISPs in 3560? and These ISPs traffic should be forward different vlans & different ports. i need configure port wise DHCP also and using different ip addresses please, which device supports this application
View 2 Replies
View Related
Jul 1, 2012
I've been searching the net for days now trying to configure the ASA5505 for dual DHCP ISP use. All guides available assume you have one static.
After realizing that it required a Security Plus license to even configure 3 VLANs.
I can choose a backup interface in ASDM. It even says dual ISP enabled. Why cant there be a guide or simple configuration example or am I the only one looking for this kind of solution?
Customer has two ADSL internet connections and want to switch between them if they fail. No load balancing required.
View 2 Replies
View Related
Aug 17, 2011
Looking to replace an "all-in-one" type firewall (UTM/Firewall, SSL VPN) with a cisco product - the issue i'm running into is that we have multiple ISPs plus WAN and DMZ - overall more than 5 ports on mid-range ASA devices - and from what i read, adding 4-port module precludes me from adding CSC module.
Is there an solution to that other than going for 5585-x model? (kind of over our budget, granted we need 2 for failover)
View 2 Replies
View Related
Oct 17, 2011
We have an issue with some NAT on an ASA 5510. Here is a simplified drawing of the ASA setup:So the issue is when we try to send traffic from 172.16.3.251 to 1.1.1.1 we got this message in the log:
Oct 18 2011 12:32:12: %ASA-3-305006: portmap translation creation failed for udp src inside
172.16.3.251 /37166 dst outside:1.1.1.1/23
It looks like there is an issue with NAT but maybe is cause of the DUAL ISP setup as packets are routed through the outside interface and not IPtelefoni_outisde?
View 13 Replies
View Related
Nov 14, 2011
I am having a strange requirement. actually I am not sure it is strange or not. I am having ASA5510 with 8.4 sw version. Currently one ISP is connected to it. It is working fine. We have some servers that are directly connected to internet using another ISP connection. These servers having public IP addresses configured on their LAN settings. I need to move these servers in to the DMZ zone.
When i connect it to the ASA's DMZ zone,servers will get internet through the first ISP that is already configured on ASA. But i need to NAT the DMZ servers with the IP address provided by the other ISP, which even not configured on ASA.
So what should i do? In short my requirement is
1) need to NAT the server with the IP address provided by another ISP
2) Also note that the default route is configured for the first ISP only in ASA
so Do i need to configure another default route? Do i need to make it with larger AD? So i do it will act as the secondary route only.
I need to make the ASA up and running for two ISP, and servers in the LAN should be able to NAT with the IPs of first ISP and ,the servers in the DMZ zone should be able to NAT with the public IP of the new ISP.
View 2 Replies
View Related
Jan 23, 2012
Using a RV082 (firmware 2.0.0.19-tm) connected to two different ISPs. LAN IP IS 192.168.1.1. Everything seems to be working OK if I leave the DNS settings for WAN1 and WAN2 set to public DNS servers. If I set each WAN connection to the respective ISP’s DNS settings then I get timeouts when using NS look up. My ISP only accept DNS request from routers on their own network.
Assumption:
I thought that if each WAN is pointing to it’s own DNS server, I should be able to get a reply when I do a NS look up with the server set to this router (192.168.1.1.)
Real life:
The fact is I get a Timeout every time I test a domain name look up.
With the exact same configuration, setting both WANs to public DNS servers, everything works fine
The only reasons for wanting the DNS settings not set to a public DNS server are two. My Spam solution has issues with using a public DNS server was hoping I could increase the speed of DNS look ups using a closer DNS server.My objective is to point the internal DNS server on the SBS 2003 to the RV082 and have the router forward the request as needed to the proper ISPs dns server.
Is my assumption above correct? If I have each WAN configured to it’s own DNS settings I should be able to point to the router for DNS look ups and if the record in not in cache this router will forward it to one of the two WAN’s using that WAN's correct DNS settings?
View 1 Replies
View Related
Dec 5, 2011
We have a cisco ASA 5505 with sec bundle plus
We have two ISP's:
ISP1 (Our IP = 30.100.150.50, gateway 30.100.150.8)
ISP2 (Our IP = dynamic, gateway 20.100.150.9) - ADSL
Our internal LAN IP range is 10.9.8.0/24
We want to configure the ASA 5505 to allow users via ISP2 for http traffic We then want to use ISP1 for strictly VPN and access to internal web resources (eg OWA) as we have public IP's there.
Our idea was to configure two gateways on the ASA (e.g. 10.9.8.5 via ISP2 and 10.9.8.6 via ISP1)
Then give the users gateway 10.9.8.5 for web browsing etc Is this configuration possible on the ASA 5505?
View 4 Replies
View Related
Nov 1, 2012
have main office of 70 people.Also I have 2 redundant ISP:One give me 20 mbit/s Other only 2 mbit/s and it is my backup ISP.
I have some resources in data center and I need a IPSec VPN to it and some other location. I suppose there will be up to 3-5 IPSec tunnels. I choose Cisco ISR 881-SEC-K9 with one wan port and 4 LAN switch. But know I’m looking for Cisco 891-K9. There is no security bundle for it. But in cisco.com this router is marked Cisco 891-K9 Security router. Does it support security features like VPNs, ZBF, IOS Firewall, NBAR and IP SLA for ISP redundancy? Also if my boss will choose chipper Cisco router 881-SEC-K9. Will I be able to organize 2 ISP redundancy on 4 LAN switch port inside VLAN interfaces because there is only one WAN port?
View 2 Replies
View Related
Jan 5, 2013
I have ASA5510 with PLUSE License.I have 2 Inside interfaces as STAFF and MAIL and two Outside interface OUT_STAFF and OUT_MAIL which is in separate ISP's.now i want to nat STAFF to OUT_STAFF and MAIL to OUT_MAILbecause I'm having two default routes it gets impossible to do.
View 1 Replies
View Related
Aug 9, 2011
I have a Cisco ASA 5510 and I am trying to set it up to be able to have it failover to the 2nd ISP connection if the 1st one ever went down. I think I need a nat statement that the "backup" connection will use when the 1st connection goes down, but I am unsure what the nat statement is supposed to be. I have added the commands that I am pretty sure that I need to add for the "backup" ISP connection. Attached are those commands, the interfaces that are set up, and the objects that are set up in the ASA.
View 2 Replies
View Related
Dec 14, 2011
I inherited a network redesign project mid implementation and ran across an issue that I was not 100% sure able to be resolved. Implementation is occurring in which the organization is changing over to a different ISP and we have some customers that will not be able to change their settings over to our new addresses from some time. I have seen a lot of posts about fail over and dual ISP configurations, but I could not relate them to this particular scenario.
View 3 Replies
View Related
Nov 1, 2011
does cisco 2811 support?if no, can i make it work for BGP?also, i want to know the configuration of bGP for twoo ISPs for link failover.it will be google if u tell me step by step approach for configuring it
View 1 Replies
View Related
Aug 8, 2012
I have two ISP need to connect them on my router.
The Router that I have is 2811 where it contains two Fa ports only, so I put an access switch between the two ISPs and the Fa0/0 then configured the Interface Fa0/0 with two IPs ISP1 and ISP2 as a secondary.
The problem that I faced that when ISP1 become down the another secondary IP (ISP2) stay down and the internal users have no access to the internet.
View 1 Replies
View Related
Jan 24, 2010
I want to link ASA 5505 to two ISP's for backup purpsose. I can see this configuration example here url...
Question - does the ASA 5505 do load balancing as well for both connections - is there an example somewhere? (I do not want to buy two ASA 5505's!) which seems the only way I could find configuration details for!
View 6 Replies
View Related
Mar 30, 2012
I understood that service provider will use hardware Alcatel 6850 on the distribution/core and Zyxel 2108G on customer access level.query is that service provider says it's not VPLS which should work most probably through MPLS network of ISP.ISP noted that it would be direct 802.1q VLAN between two sites without any Layer3 on ISP side.
How to:
- understand what kind of connection this will be?
- is this connection is fine for customer?
- identify if this kind of connection will be fine for converge network (voice+data) ?
- what should I ask to ISP to clarify details?
View 8 Replies
View Related
Oct 16, 2011
How to load balance two/three ISPs using ACE.
What might be the default gateway?Can i create a serverfarm with two rserver with different subnets?
View 4 Replies
View Related
Apr 19, 2012
have a PIC 515e connected to two ISPs via 2 interfaces. ISP1 is a 3.5Mbps aDSL line, and ISP2 is a 30Mbps business cable. I've confirmed the speeds by connecting the cabled directly into a laptop and using wget to download very large files from known-fast sites.
For admin reasons, I need to access two specific subnets using the slower ISP1. The rest of internet traffic should go to the much faster ISP2.
So I configure ISP2 as the default gateway, static routes for the two subnets to ISP1, set up NAT (PAT) and it all works like a charm. I've confirmed that ISP1 is used for only the two subnets, and ISP2 for everything else. CAPTUREs on the pix also confirm this. So far, it all works great.
But for reasons I don't understand, my max. download speed is 3.5 Mbps (the slow DSL). Using various speed tests and wget, I simply cannot get a download speed faster than my 3.5 Mbps DSL line.
Here is my config:
interface ethernet0 100full
interface ethernet1 100full
interface ethernet2 100full
[Code]....
View 1 Replies
View Related
Aug 4, 2011
We want to implement multicast on our network. We are going to use for online teaching purpose. I am very new at Multicast and not have much idea about it. We are not running any routing protocol in our network, only static route. The multicast server is located at One of our office and it is connected with L2 (Cisco 2960) switch, L2 switch is connected to L3 switch(Cisco 4948). L3(Cisco 4948) and Core Switch(Cisco 6509) with FWSM are connected with E-3 link with tunnel. Router 1 and Router 2 are connected with P2P ILL links which are terminated at serial interface. The Multicast Server IP is 192.168.2.131/25. The scenario of our network are mentioned below:
Multicast Server--->(L2 Switch)--->(L3 Switch)--->(Core Switch)--->(FWSM)--->(Router 1)---->(Router 2)--->(L2 Switch)--->(Multicast Client)
We have created a seprate vlan (i.e. vlan 102, interface IP is 192.168.2.129/25) for multicast at L3 switch, enable multicast routing, defined rp-address(i.e. 192.168.2.129/25), enable sparse-dense mode at multicast vlan as well as at some other vlan also for testing purpose and joined multicast group (i.e. Multicast IP is 224.3.3.5). At core switch we have also enabled multicast routing, defined rp-address (i.e. 19.268.2.129/25), enable sparse-dense mode at user vlan and inside vlan of FWSM and joined multicast group at user vlan and inside vlan. At FWSM we have enabled multicast routing, defined rp-address(192.168.2.129), doesn’t find any option to enable sparse-dense mode and joined Multicast group at inside vlan and router 1 vlan. At Router 1, we have configured the same thing. We have configured mroute at all the devices. We are able to ping from end to end. We are testing multicast by Multicast IP checker tool (provided by vendor). Multicast is working fine at L2 switch, L3 switch and Core Switch, but not from Router 1. Ping is reachable from Router 1. After doing mtrace at Router 1, the following output has come:
Router 1 (Mtrace with destination address 192.168.2.131)
mtrace 172.21.15.2 192.168.2.131 224.3.3.5
Type escape sequence to abort.
Mtrace from 172.21.254.50 to 192.168.2.131 via group 224.3.3.5
From source (?) to destination (?)
[Code] .....
If , we do mtrace from gateway IP address(i.e. 192.168.2.129) as destination address then mtrace is getting completed, but if mtrace is done from Mutlicast server IP address(192.168.2.131) as destination address, then mtrace is not getting completed.
We have connected one laptop at Router 1 vlan to test Multicast. The host, which is connected to Router 1 vlan is able to send multicast packet to other host and other host at different vlan are receiving it , but it’s unable to receive multicast packet send by other host of different vlan.
Do I need to enable igmp snooping at L2 switch, L3 switch and Core Switch ? I am not able to understand or can't figure out where i have configured wrong.
View 23 Replies
View Related
Aug 15, 2012
we have an heterogeneous network with Cisco devices (6509-E, 3750G and 3560) and Alcatel 6850 devices. We have to enable a PTP Wifi line as a backup for the fiber line between two buildings. For this purpose, we have connected a wifi device to GigabitEthernet 0/47 of SWIHGJ1 and configured it as: [code]
View 2 Replies
View Related
Oct 23, 2011
Friend of mine has a setup out in the sticks, currently with two ISPs: Hughesnet satellite, and a line-of-sight WiFi provider; they're also getting a cel tower within range soon and he's looking at adding an HSPA/LTE connection via that as well.the first gives him a static IP and ridiculous speed and bandwidth at night... but far less speed and a painfully low bandwidth cap during the day (you go over, you pay through the nose).
The second gives lots of bandwidth but poor speeds (difficult to even watch a YouTube video) and a constantly-changing dynamic IP.The third, once implemented, will give him good speeds and decent bandwidth (I believe up to 10GB/mo) but again, will get spendy if he goes over that limit.Right now, I've got him set up with both routers plugged into the same network, multi-homed the NICs on his machines (192.168.0.* for Hughes, 192.168.1.* for LOS) and a little script on each computer that will change the default gateway to let him select which ISP he wants to use... however, it's going to get trickier with a third, and will make it even tougher to keep track of the bandwidth used on each one... especially with multiple computers, a DVR, and two users.
So I'm looking for some way to automate all this... something that will, say, use the HSPA feed most of the time for his whole home network, switch to LOS if it gets near the cap, and switch everything over to the satellite automatically during "unlimited" hours. Again, I'm not opposed to setting up something PC-based with the appropriate software, although for my own sanity, it would really need to be Windows-based (I'm way below n00b with Linux).
View 3 Replies
View Related
Aug 25, 2011
What we are trying to accomplish here use two ISP's (one cable and one T1), use the Cable line for site-to-site VPN and use T1 line for all internet traffic. We currently use the following configuration: Cisco 2820 routers terminating the T1 -> HP switch -> Cisco AS 5510 port 0 -> port 1 to LAN switch (Nortel 5510)We want to force all VPN traffic (using 10.0.0.0/24 subnets - 10.0.1.0, 10.0.2.0, etc) through a cable connection, perhaps on port 2 of the ASA, then all non VPN traffic goes to the T1.
View 1 Replies
View Related
Jul 31, 2012
I have an ASA 5505 current f/w & the security plus license (to get the 3 nameif interfaces). Can I split traffic between two ISPs, (VPN traffic to one destination on a T-1 on one VLAN, and all other traffic using DSL to another VLAN) and using a different nat policy on both? I know load balacing isn't supported, only failover. I was just wondering if there was a way to make this work.
View 3 Replies
View Related
