[c-nsp] Dual Homing

Darwis Herman magic.hand at live.com
Wed May 14 05:36:07 EDT 2014


Dear Daljit,

The ACL hits showing that customer's gateway successfully reached ISP's end (C4500). That is just a control mechanism that will make sure only allowed IP can travel thru back to ISP.

I don't have the control over Fortigate. The customer told me that that Fortigate configured with primary and secondary WAN link. It will sense the availability of links. If primary is down, it will divert to secondary.



Dear Bruce,

Yes, as of the ACL, ISP controls the inbound, Fortigate controls outbound from customer end.



What is required in this setup is, 172.21.200.32/27 can travel thru both links at any point of time. Not necessarily load balanced.





Best Regards,

 

Darwis Herman



 

“This is 10% Luck, 20% Skill,
15%  Concentrated Power of Will,  5% Pleasure, 50% Pain And a 100%  Reason to Remember The Name!”



> Date: Wed, 14 May 2014 01:02:34 -0700
> From: bep at whack.org
> To: magic.hand at live.com; cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Dual Homing
> 
> Darwis Herman wrote:
> > Dear Gurus and Friend,
> > 
> > I am seeking a little help on my setup as below:-
> > 
> > 
> >                   /-----------1st Link  (C4500)----------\
> > ISP --------                                                              ---------------------- CUSTOMER (Fortigate 200B)
> >                   \-----------2nd Link (C4500)----------/
> > 
> > 
> > Current Setup:-
> > 
> > Customer is having 2 connection to a same ISP. 
> > ISP assigned both links with 2 VLANs with point-to-point (/30) IP addresses for gateway termination.
> > ISP also assigned a pool of /27 public IP addresses to CUSTOMER.
> > CUSTOMER requires the /27 public IP to be accessible from both links.
> > 
> > 
> 
> What are you expecting out of the C4500's?  ISP controls the inbound.
> Fortigate controls the outbound.
> 
> -- 
> =========
> bep
> 
> 
 		 	   		  


More information about the cisco-nsp mailing list