Solved

Recommened equipment for load balancing a T1 and a Cable internet connection.

Posted on 2010-09-07
16
527 Views
Last Modified: 2012-06-27
I have a customer that is purchasing a T1 for phone and secure tunneling to another office.  They currently have Cable internet with a 3 year contract.  Rather than buying out the contract, I'd like to continue using Cable for internet traffic and the T1 for voice and VPN only.  

The T1 service is from Time Warner and it's their Converged product.  What piece of equipment would you guys recommend for this type of configuration?  

Thanks
0
Comment
Question by:jfeemster
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
  • 2
  • +2
16 Comments
 
LVL 9

Expert Comment

by:Gianpiero Rossi
ID: 33619623
look at that
www.peplink.com
0
 
LVL 11

Expert Comment

by:crouthamela
ID: 33619864
What firewall do they currently use? What equipment is being supplied as part of the T1 and secure tunnel?
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33619868
You can always get a Cisco 2800 with a T1 WIC, use a combination of IP SLA and PBR to failover/load balance traffic.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a00808d2b72.shtml

Billy
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 2

Author Comment

by:jfeemster
ID: 33619900
Will check out peplink.  

They are just using the Firewall built into the Comcast modem right now.  Waiting to hear back from Time Warner on the T1 router being installed.  My understanding is that the T1 router will handle the secure connection to the second office for the TW Converged product.  
0
 
LVL 11

Expert Comment

by:crouthamela
ID: 33619965
For a similar cost to the Peplink you could get a SonicWall TZ100 which can do dual-WAN.

http://www.sonicwall.com/us/products/TZ_100.html
0
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
ID: 33620475
You can go with a TZ series sonicwall as the gateway to the Internet and have the T1 router route traffic accordingly.  Anything that's NOT bound for the T1 connection goes out a different gateway (sonicwall).  Or, you could have the sonicwall do all the routing.  Hang the LAN interface of the T1 router off a physical interface of the sonicwall.  Have the sonicwall be the gateway for the network hosts.  The sonicwall would then route traffic accordingly.  If the later suggestion, then I'd go with a TZ210 or gerater.  You'll want something that will be fast enough to route all that traffic quickly.I don't see that you need two WAN interfaces.  You really only need a firewall for the cable connection and a router to route traffic between the two.  Since the T1 router is considered ON the network as it will be the demarc for the traffic on the other side of the VPN, you don't need to firewall that appliance.  Am I assessing this correctly?
0
 
LVL 2

Author Comment

by:jfeemster
ID: 33622484
I got a little more information from Time Warner.  Their converged router, or what they are calling a Managed IAD (integrated access device) is an Adtran 924e.  Its going to provide an Ethernet handoff which will go into whatever router we purchase.  So digitap, I think you're right, I probably don't need dual wan, but I need to be able to route the traffic properly.  I'll check out the SonicWall product.

Thanks.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33622635
then that's correct....sonicwall x3 > Adtran > remote site.  You'd create a separate IP network between that the LAN of the adtran sits on.  So, if the LAN interface of the sonicwall is 192.168.1.0/24 and the remote site is 192.168.2.0/24, you could make the X3 interface of the sonicall and LAN of the Adtran 10.10.10.0/24.  X3 would be 10.10.10.1 and the LAN of the Adtran could be 10.10.10.2.  Set a route on the sonicwall that access to 192.168.2.0/24 would use 10.10.10.2 as the gateway.  What does the remote site look like?  Will you purchase a sonicwall for the other end as well?
0
 
LVL 2

Author Comment

by:jfeemster
ID: 33622696
Thanks digitap, that makes sense.  The remote site will also be getting a TW T1, but it will be used for voice, data, and secure tunnel.  They have a Netgear FV318, so I'll probably keep using that for now.  
0
 
LVL 33

Expert Comment

by:digitap
ID: 33622732
cool...you don't have a firewall in place where you want to install the sonicwall?  sorry if you've indicated that already...
0
 
LVL 2

Author Comment

by:jfeemster
ID: 33622737
That's correct, just using the Comcast modem firewall currently.  
0
 
LVL 33

Expert Comment

by:digitap
ID: 33623016
ok...i see why you'd want to get a firewall.  obviously, you'd move the public ip to the wan of the sonicwall and configure the comcast in transparent bridge mode.  also, i wrote an article on configuring the mtu of the sonicwall wan interface.  i'll pass that along later.  ok...i think i'm done for the evening.  happy sonicwall hunting!
0
 
LVL 2

Author Comment

by:jfeemster
ID: 33623145
Thanks digitap for all your help, greatly appreciated.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33623161
0
 
LVL 2

Author Closing Comment

by:jfeemster
ID: 33631020
Thanks for all the great responses.  Greatly appreciated.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33631098
you're welcome...thanks for the points!
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question