Routing
I have a watchguard firebox that is my gatway x.x.x.254
I will be adding another device that goes to another internet isp x.x.x.253 (this will be a vpn router connecting to an ASP.)
The plan was to put a routing statement on the watchguard to send desired traffic requests to the ASP VPN router which we'll call 10.10.10.0
Here would be my statement ip route 10.10.10.0 255.255.255.0 x.x.x.253.
The problem is, if my watchguard goes down for any reason, then I lose the routing statement to the ASP.
Anyone got a good workaround that would keep my ASP connectivity working even if the firebox was down?
I'm posting this to win2003 cause that is what my network back end is.
Thanks,
Mike
I will be adding another device that goes to another internet isp x.x.x.253 (this will be a vpn router connecting to an ASP.)
The plan was to put a routing statement on the watchguard to send desired traffic requests to the ASP VPN router which we'll call 10.10.10.0
Here would be my statement ip route 10.10.10.0 255.255.255.0 x.x.x.253.
The problem is, if my watchguard goes down for any reason, then I lose the routing statement to the ASP.
Anyone got a good workaround that would keep my ASP connectivity working even if the firebox was down?
I'm posting this to win2003 cause that is what my network back end is.
Thanks,
Mike
put a router between your network and two devices(watchguard and VPN router)
Either add a router as Vahik has said (although this adds another single point of failure), or add static routes to the devices (Servers, PC's etc) that need to send data via the VPN router.
To add a persistent static route to a windows box, the command is:
ROUTE -p ADD 10.10.10.0 MASK 255.255.255.0 x.x.x.253
To add a persistent static route to a windows box, the command is:
ROUTE -p ADD 10.10.10.0 MASK 255.255.255.0 x.x.x.253
ASKER
I really don't want to add another point of failure and I was aware of the Route command for workstations. I just didn't know if I could have a backup gatway for workstations and accomplish that without having to run a route command in a login script or having to touch every pc on the network.
For anything that has its IP address assigned by DHCP, you can assign the route using DHCP Option 249 - Classless Static Routes.
ASKER
got an article?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.