[cisco-voip] ISP and VPN Failover for Call Manager based VOIP network

Manoj Kalpage manoj.kalpage at gmail.com
Wed Sep 13 05:19:45 EDT 2006 

 Dear All,
I am looking for ISP fail over for VoIP network. We have small
enterprise VoIP network. If I explain our network bit, Basically we
have call manager and unity server in main office with PIX515. All the
branch offices has PIX 501. With attached fail over solution I am going to
create two tunnels from each branch office and have them connected to each
firewall in main office. I think this way if one PIX515 fail at main office,
still branch office can be connected through second PIX515. Bellow is the
router configuration for routing between two PIX 515. This configuration
itself doesn't mean anything without looking at a diagram.I need to test
this but I don't have enough gears with me right now and also I don't have
100% confidence on this. So, I would like to share with you folks. Any
comments and ideas would be greatly appreciated.

Please find the diagram bellow link (Sorry it's han written one )
http://proxy.f2.ymdb.yahoofs.jp/bc/857e55a/bc/bd7f/failover.jpg?bcQM9BFBNirrJIWq

best regards,
Manoj


ip cef

!####Establish sla monitors for use in tracking objects####!

ip sla monitor 1
type echo protocol ipIcmpEcho 174.16.0.1
threshold 3
frequency 5
ip sla monitor schedule 1 life forever start-time now

ip sla monitor 2
type echo protocol ipIcmpEcho 173.16.0.1
threshold 3
frequency 5
ip sla monitor schedule 2 life forever start-time now
!

!####Configure Tracking objects (referencing IP SLA monitor's above)####!

track 101 rtr 1 reachability
!
track 102 rtr 2 reachability
!
!
!
!
!####Configure Interfaces with NAT####!

interface FastEthernet 0/1
ip address 172.16.0.1 255.255.0.0
ip nat inside

!
interface Fastethernet 0/0
ip address 173.16.0.2 255.255.255.0
ip nat outside

!
interface Fastethernet 0/2
ip address 174.16.0.2 255.255.255.0
ip nat outside

!
ip classless
!####Configure gateway of last resort with tracking objects####!
ip route 0.0.0.0 0.0.0.0 173.16.0.1 track 101
ip route 0.0.0.0 0.0.0.0 174.16.0.1 track 102

!####Configure NAT statements for most outbound traffic####!
ip nat inside source route-map ISP1 interface FastEthernet 0/0 overload
ip nat inside source route-map ISP2 interface FastEthernet 0/2 overload

!
access-list 10 permit 172.16.0.0 0.0.0.255
access-list 101 permit icmp any host 173.16.0.1 echo
access-list 102 permit icmp any host 174.16.0.1 echo

!
!####Configure route maps for reference in NAT statements####!
route-map ISP2 permit 10
match ip address 10
match interface Fastethernet 0/1
!
route-map ISP1 permit 10
match ip address 10
match interface Fastethernet 0/0
!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20060913/628b9352/attachment.html

More information about the cisco-voip mailing list