How to configure Cisco HSRP ISDN Dialup Failover using two 2811 Routers
Posted on 2009-05-12
We currently have 2 x Cisco 2811 Routers on a point-to-point link using ISDN - the one at our Main Office dials our remote office when there is a problem at the remote office. The ISDN line is always connected at the Main Office but the line is physically disconnected at the remote end unless it is needed. Simple, and it works.
However, I now need to setup a failover system at the Main Office in case the Main Office router goes down - it has to be 'automatic' (no one physically plugging up a 'spare router') I have another router here at the Main Office to configure.
I have established:
1: I Need 2 Routers at the Main Office
2: I need more ISDN lines as both routers will need permanent ISDN connectivity
3: I need to run HSRP
The questions are:
1: Can each of the two routers at the main office have an identical config on them (apart from E0/0 - which I assume will need to be different!) i.e. can hostname be the same etc. But I need to be able to telnet to each of the individual physical routers while at the remote site myself - so I assume they will need different loopback addresses. (Yes I know telnet is bad)
2: Or do I need a different hostname, loopback and physical IP address for each router? I know the standby Virtual IP will be identical on each. We re using simple static routes, no routing protocols for simplicity.
3: With HSRP does the inactive router lie totally dormant? i.e. So can I put identical dialer strings in both routers at my Main Office without causing any problems as one is always dormant? i.e. I don't want two router trying to dial my reote office at the same time!
4: How will HSRP behave when the link to the remote site is down (as it is most of the time) - will the two routers continually flip back and forth trying to be the Active HSRP router if neither router has a route/ISDN link to the remote office? Or will they 'give-up' after each fails once?
5: I assume my firewall will need to be configured to now allow 3 addresses through as opposed to the existing one. i.e. a virtual and two physical?
Any help or pointers would be greatly appreciated,