Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 570
  • Last Modified:

Juniper failover scenario

We have an office that has 2 internet ISPs, a comcast circuit their primary and another one that is an integrated voice/data circuit that I would like to use as a failover.  

Would i just create 2 routes, one to the comcast and one to the integrated voice/data and give the comcast one a lower administrative distance value so that it is primary?  or is it not quite that easy?
0
techlinden
Asked:
techlinden
1 Solution
 
techlindenAuthor Commented:
nevermind.  i think i see how to do this.  i found this online.  http://kb.juniper.net/InfoCenter/index?page=content&id=KB8704
0
 
Sanga CollinsSystems AdminCommented:
I do the same thing a little differently. By putting the secondary interface in a custom zone in the untrust-vr. You can have both interfaces active at the same time. each VR can have its own default route. and in the trust-vr i make the failover route as follows: 0.0.0.0/0 --> untrust-vr, metric = 25.

When primary interface goes down, the new default route will send traffic to the untrust-vr and out to the internet. It allows me to use both connections for different services like web traffic out of connection #1 and server traffic out of vpn on connection #2 while still providing failover. You can also do the same default route 0.0.0.0/0 --> trust-vr, metric = 25 to have failover in both directions!
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now