Questions

2 ISPs 1 Router 1 Pix Firewall

+
0 Votes
Locked

2 ISPs 1 Router 1 Pix Firewall

deepakd_fic
Hi Everyone,
I have a network and setup is 2 ISPs, 1 Router, 1 Pix Firewall.

Network Diagram is as below:-

ISP1---____Cisco1721---Pix-Firewall---Switch
ISP2---

Config Details as belows:-
---------------
Cisco Router
Config
Ethernet0
ip address X.225.109.90 255.255.255.248
Ethernet1
ip address X.241.184.129 255.255.255.240
FastEthernet0
ip address 172.20.1.1 255.255.255.224
------------
Pix Firewall
Config
ip address outside 172.20.1.2 255.255.255.224
ip address inside 192.168.23.254 255.255.255.0
global (outside) 1 interface
nat (inside) 1 192.168.23.0 255.255.255.0 0 0
apply (inside) 1 outgoing_src
route outside 0.0.0.0 0.0.0.0 172.20.1.1 1
--------------
Switch to ISP1
ip nat inside source static 172.20.1.2 X.225.109.91
ip route 0.0.0.0 0.0.0.0 Ethernet0
ip route 0.0.0.0 0.0.0.0 X.225.109.89
---------------
Switch to ISP2
ip nat inside source static 172.20.1.2 X.241.184.130
ip route 0.0.0.0 0.0.0.0 Ethernet1
ip route 0.0.0.0 0.0.0.0 X.241.232.70
----------------------------------------
I am using the "Switch to ISP1" and "Switch to ISP2" options to switch from one ISP to another ISP manually.

I want the routing configuration where this switching will happen automatic in case of the link goes down and i want to know, can i configure VPN on the Firewall with both the isp's an it will work with the switching of ISP's as well?
  • +
    0 Votes
    SYNner

    Just create a floating static route on your 1721.

    ip route 0.0.0.0 0.0.0.0 X.225.109.90
    ip route 0.0.0.0 0.0.0.0 X.241.184.129 10


    The first route without an administrative distance will populate the routing table. When that link goes down, the router will remove that route and replace it with the other route.

  • +
    0 Votes
    SYNner

    Just create a floating static route on your 1721.

    ip route 0.0.0.0 0.0.0.0 X.225.109.90
    ip route 0.0.0.0 0.0.0.0 X.241.184.129 10


    The first route without an administrative distance will populate the routing table. When that link goes down, the router will remove that route and replace it with the other route.