rodneygray
asked on
Set up a failover ISP
We have a small company that has several remote sites. We use Terminal Services to connect through the internet to the server. Users start a desktop terminal services icon that points to mycompany.com.
I have a SonicWall TZ170. I have two internet providers, ISPA and ISPB. I have a static IP from each provider: a.a.a.a and b.b.b.b. I have set provider ISPA up as the primary provider.
I have an A record at my hosting site that points to a.a.a.a. I also want the hosting site to point to b.b.b.b. Then, when users start up the TS icon, if ISPA is down, they will go to ISPB.
My first question is, am I handling this in the correct manner? If so, can I have two A records that point to different static IPs? If not, what is the best way to accomplish this task?
ASKER
Sonic Wall OS: SonicOS Enhanced 3.1.0.11-30e
I assume I create the address objects on the SonicWall. Do I create those in access rules?
How would my remote sites get to the primary site if primary ISPA fails? When their desktop TS icon is started, it points to mycompany.com. The A record IP address would cause DNS to point to the router that no longer functions. Wouldn't DNS have to be set up to point to ISPB address b.b.b.b in that case?
I just don't see how addresses access to internal server would work if DNS does not point to the site.
Thanks for your help in this matter.
ASKER
The VPN idea is probably the best idea and is the one I will use.
Create your firewall and NAT policy to allow Addresses access to your internal server. Caveat - you can only NAT an internal server to a single IP outbound (multiple inbound). So NAT it to a.a.a.a which is on X1. With WAN failover, the SonicWALL automatically knows to NAT it to X2, so don't worry about it.