Solved

how do i set up juniper ssg5 failover for 2nd isp?

Posted on 2009-04-03
1
2,561 Views
Last Modified: 2012-05-06
i have a juniper ssg5 with my primary isp going into it. i have a backup isp comming into the building but not into the ssg5. is there a way i can do this? my config is very straight forward, not much routing. also once i do this is there anything i need to set up like dns forwarders on my servers or dns and mx records at our hosting site?

heres a copy of my config- do i need to add any dns info or backup routes?
0
Comment
Question by:cfischer225
1 Comment
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 24072195
When you say the second ISP is not going into SSG5, I understand that if you connect an unused interface on SSG5 to secondary ISP network, this link can be used go to internet in case of primary ISP failure.

Let's assume you are using ethernet0/0 for primary ISP and are using ethernet0/1 for backup internet.

The steps needed are:
1. Configure ethetnet0/1 for Untrust zone.
2. Add route for secondary ISP with higher metric so when the primary goes down; secondary would take over.
Eg,
     set route 0.0.0.0/0 int e0/0 gate <primary_isp_gateway> preference 20 metric 20
     set route 0.0.0.0/0 int e0/1 gate <secondary_isp_gateway> preference 20 metric 30

I am assuming that the ethernet0/0 link would go down in the event of ISP failure; if this is not the case, then we would need to configure interface tracking and in case of failure track-ip would trigger failover.

Thank you.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now