• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 571
  • Last Modified:

Juniper failover scenario

We have an office that has 2 internet ISPs, a comcast circuit their primary and another one that is an integrated voice/data circuit that I would like to use as a failover.  

Would i just create 2 routes, one to the comcast and one to the integrated voice/data and give the comcast one a lower administrative distance value so that it is primary?  or is it not quite that easy?
1 Solution
techlindenAuthor Commented:
nevermind.  i think i see how to do this.  i found this online.  http://kb.juniper.net/InfoCenter/index?page=content&id=KB8704
Sanga CollinsSystems AdminCommented:
I do the same thing a little differently. By putting the secondary interface in a custom zone in the untrust-vr. You can have both interfaces active at the same time. each VR can have its own default route. and in the trust-vr i make the failover route as follows: --> untrust-vr, metric = 25.

When primary interface goes down, the new default route will send traffic to the untrust-vr and out to the internet. It allows me to use both connections for different services like web traffic out of connection #1 and server traffic out of vpn on connection #2 while still providing failover. You can also do the same default route --> trust-vr, metric = 25 to have failover in both directions!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managed Security Services Webinar - March 15

Selecting the right managed security services platform to grow your business can be a huge undertaking. Join WatchGuard and Frost & Sullivan in an upcoming webinar as we dive into the key elements of selecting a vendor platform and partnership to fuel a successful MSSP business.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now