WAN Redundancy Setup

Similar Messages

• WAAS Peering in a redundant setup

  Hi,
  Any idea how this autodiscovery works in a redundant setup? where i have 2 WAE in the Head office and 2 WAE in the DR site. How will the 2 WAE in the HO peer with the 2 WAE int he remote site?
  thanks
  Autodiscovery of WAAS Devices
  Cisco WAAS includes an autodiscovery feature that enables WAEs to automatically locate peer WAEs on your network. After autodiscovering a peer device, the WAEs can terminate and separate the LAN-to-WAN TCP connections and add a buffering layer to resolve the differing speeds. Once a WAE establishes a connection to a peer WAE, the two devices can establish an optimized link for TCP traffic, or pass the traffic through as unoptimized.
  The autodiscovery of peer WAAS devices is achieved using proprietary TCP options. These TCP options are only recognized and understood by WAAS devices and are ignored by non-WAAS devices.

  Thank you for your reply.
  I'm attaching the topology.
  Actually the 2 sites will be connected by redundant routers and links and EIGRP load balancing between these 2 links. So asymetric routing is there: outgoing traffic might pass through WEA1 and WAE3 and return traffic WAE3 (or WAE4?) and WAE2!
  In order to avoid asymetric situation we want to design WCCP as ACTIVE/STANDBY by adjusting the "weight" field for WCCP load balancing. I have the following questions:
  1- if we choose a weight of 100 for WAE1 and WAE3 and weight of 10000 for WAE2 and WAE4. Does this mean that 100% of the traffic will flow between WAE1 and WAE3? (and no traffic between WAE2 and WAE4?) and in case of a WAE failure (say WAE1 is down), WAE2 will take 100% of the traffic load?
  2- Traffic flow: we know that WCCP will load balance by default based on the source ip and then the weight: this is for incoming traffic passing through the LAN sub-interface of the router (where we have " ip wccp 61 redirect in") what about the return traffic from the remote site? return traffic entering the WAN interface of the router (where "ip wccp 62 redirect in" is configured) does the weight applies here too?
  3- Egress traffic (return traffic from WAE) to the router will choose the original router that sent him the traffic since we will be running the latest WAE version and configuring GRE method. is that correct?
  My purpose is to implement WAE redundancy with automatic failover without load balancing at all and make sure that always WAE1 and WAE3 are active and WAE2 and WAE4 are standy and will take all the traffic only in case of failure.
  Thanks

• I wan't setup for sccm 2012 read only console

  i wan't setup for sccm 2012 read only console

  There is role read only analyst please assign same to user or group.

• WAN Redundancy

  Between two datacenter sites we have a WAN connection provided by a local Telco and routing between sites is using BGP.
  We also have a layer 2 fibre end to end connection between the datacenters for diversity, although this fibre link is not part of the BGP routing process.
  I would like to enable automated failover of the routing between sites utilizing the secondary end to end fibre connection in the event that we lose the the primary connection.
  Currently, I am only utilizing the end to end fibre connection for some traffic using policy based routing. In the event of a BGP outage I have to manually add static routing via the secondary fibre link to reconnect the sites.
  I would be interested in how I could better automate this process and utilize both circuits for redundancy, bgp, ip sla's?.
  I would appreciate any recommendations or direction on a possible solution.
  thanks, Peter.

  Thanks guys for your recommendations...I just want to get a little more detail to move forward
  We have a pretty minimal setup with a router at each datacenter. The current primary connection currently runs E-BGP via a local Telco and most of our traffic is routed this way.
  A second Telco then provided a layer 2 fiber connection which we have terminated at both ends on the datacenter routers as a /30 end to end directly connected connection.
  Both connections are approx 20Mb metro between the datacenters with 100Mb access connections terminations.
  I would like to utilize both links as much as I can and use dynamic routing to have routes fail over if one of the links goes down.
  As mentioned, I only currently use the direct fiber connection by implementing policy based routing and if the primary E-BGP connection goes down I have to add static routing to use the direct router connection.
  I don't really care which connection is the primary / secondary but I do want to use both links and have dynamic failover.
  Would you recommend declaring an internal routing process for the direct fibre connection using OSPF, RIP v2 or EIGRP for this?
  If the traffic then prefers the direct fiber link for routing the datacenter to datacenter traffic is it possible to use Policy based routing across the E-BGP link?
  Any other things to watch out or be careful with this set up?
  I know that we should have dual routers etc at each end, but we currently just have a warm spare at each end and I want to move forward from the static routing arrangement and then tackle the single point of failure issue a little bit later.
  thanks, Peter.

• Exchange 2010 WAN redundancy

  Hi all, I am looking to add some redundancy for inbound/outbound SMTP. I have Exchange 2010 running all roles in one VMware VM. I was having trouble getting this to work with our firewall, so I spoke to tech support at sonicwall and their recommendation
  was this.
  Add a NIC in the Exchange VM for each WAN link that we have (Currently 2). Then use the sonicwall's Route Policies to connect each NIC to each WAN link (one NIC for one WAN) to use for outbound SMTP.
  Does this sound like a good plan? Any pitfalls/issues I should be aware of?

  OK great thanks. I am posting in both forums. In this context I was mainly curious if Exchange would have any problems with multiple NICs. In case of failure, should I expect it to try every available NIC when routing outbound
  SMTP? Do I need to configure anything for it to be aware of each connection?
  That's really a Windows question :)  You can associate receive connectors with IP addresses, but not a send connector. Also, with multiple NICs, only one of them is going to have a defined gateway. Seems to me that the redundancy would be built in the
  VMHost and/or switch/router etc... and not into the NICs on the Exchange guest.
  Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

• Cisco 3750X redundency setup Query

  My current network setup is shown in the attached file which is not completely redundant.
  I am replacing the current EOL switches with new one Cisco Catalyst 3750X for L3.
  What is the way to implement redundency for L3 switches? Is it using 2 L3 switches in a stack? Do I need any SFP ports/cables between the 2 L3 switches, or just cascade enough?

  What is the way to implement redundency for L3 switches?
  Each stack has two uplinks:  One to the primary 4006 and another to the secondary 4006.  Unfortunately, you can't use EtherChannel.  Both uplinks from the stack should not be from a single 3750X unit.
  Is it using 2 L3 switches in a stack?
  A minimum of two units of 3750X can perform a stack (or a mixture of 3750/3750G or 3750E).  Bear in mind that the entire stack should have the same IOS version and the same Feature Set or License set.
  Do I need any SFP ports/cables between the 2 L3 switches, or just cascade enough? Ok, now this I don't understand.  Can you elaborate further?

• Ip alias in the redundant setup

  We're trying to setup a redundancy for the 2 ACE modules in the separate 65xx and were wondering if we would need to setup an ip alias address. what is it for anyway?
  Thanks..

  Hi,
  an alias IP is like an HSRP or VRRP address between two routers. It provides a shared IP address between the two redundant ACEs.
  It should be used in routed mode as default gateway for the servers or as next-hop for the upstream router to reach the subnets behind the ACE.
  more info can be found here:
  http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/configuration/rtg_brdg/guide/vlansif.html#wp1034811
  HTH,
  Dario

• NEED HELP PLEASE Setting up 2 VLANS and a redundant WAN connection

  I have a remote branch office which is actually a huge bar/lounge. The bar wants to enable patrons to access the Internet with their wireless laptops. I want to prevent those patrons from accessing our private network, and also prevent them from traversing our static VPN tunnel back to HQ.
  The bar processes all credit cards via the T1 connection, and this has caused us to lose money every time the T1 goes down while we're open, since there is no WAN redundancy right now.
  Here is my current hardware configuration:
  1) one PIX 501 50-user 3des.
  2.) two Dell 3024
  3.) one Aironet 1100(g) AP.
  Current LAN Network: 10.35.35.0
  (internal employees only, static VPN tunneled to remote HQ network)
  Current Wireless SSID's:
  SSID1=PRIVATESSID
  SSID2=PUBLICSSID (not currently in use, waiting to figure this out)
  Current WAN: one T1 connection.
  WHAT I WOULD LIKE TO DO AND NEED HELP FIGURING OUT:
  #1a) I want to create two separate VLAN's that are able to share the WAN connection, but not be able to "see" each other.
  #1b) These VLAN's would be mapped to their respective SSID's on the AP (PRIVATESSID>10.35.35.0 and PUBLICSSID>192.168.1.0).
  #1c) The 192.168.1.0 network should not be able to traverse the static tunnel between the branch site and HQ.
  #2) I would like to install a backup WAN connection such as a modem 56k dial-up to an ISP or a cable modem to an ISP. In case the primary T1 goes down, I would like the router to automatically dial out over the modem conection and route all Internet bound traffic over that backup WAN connection, until the primary comes back online.
  Question 1:
  I'm assuming I need a router to do the intervlan routing. Could this router also do the on-demand WAN backup dialing to an ISP via analog modem?
  What IOS version and flavor (IP base, IP+, etc.) would I need? What is the cheapest router I can do all that with (i.e. 2620/2621/1720/3600 series)? What WIC's or NM's would I need?
  Question Two:
  I would like to prioritize PRIVATESSID's traffic over PUBLICSSID's traffic, which I know I can do on the access point. Can I do this on the router so that any 10.35.35.0 traffic takes priority over any 192.168.1.0 traffic?
  Question Three
  If the primary T1 WAN connection goes down, I don't want the router to re-route the 192.168.1.0 traffic over the backup 56k dial-up WAN connection. That traffic can wait until the T1 comes back up.
  Any help you can provide would be very much appreciated.

  Assuming your access points can place SSID into separate vlans and support 802.1q trunks then I can attempt to answer your questions. There are seperate secuity issues with both SSID for protection and VLANs for seperation but in your case in may be minimal.
  q1
  Any cisco router that will run 802.1q trunking will work. Since you are looking at older routers you will need IP+ to get it. Even 2610's will support 802.1q on their 10m ethernet at the correct code level but 10m and 802.1q is sorta nonstandard. Since your backup is only 56k you can use the internal modem port as a dial backup. A wic-2a/s will also work if you prefer not to use the modem port. You will need some wic to run your t1 line. If you are planning to leave the t1 on another router it makes the next 2 questions much harder.
  q2
  This is fairly simple and depends on your ios level. "priority queing" is supported on even the older software. I assume you do not control the far end of the t1 line since it sounds as if this goes to a ISP.
  You will need to have them do the QoS since most issues with the internet are inbound and not outbound. You can only control outbound traffic.
  q3
  If the T1 is on the same router then this is fairly simple. You can just put a floating static default route in that will cause the dialer to come up if the the t1 goes down. There is no easy way to protect against the line being up but no traffic passing. This is also why it would be best to have the t1 on the same router. If its not you will need to get very creative to solve this. You could build a GRE tunnel to a remote location and montior the tunnel or run a routing protcol over the tunnel. In the newest software you could use SAA and policy routing to force the traffic over the dialer but the router must support ios 12.4.
  3a. You mentioned a cable modem as a backup. That can be much easier sometimes since it is all routing and no dialer interfaces with nasty modem issues. This does not make the issue of the t1 not on the same router easier.

• Trying to setup a redundant server for server 2012

  have some questions  regarding creating a backup for an all in one server. The server has active directory, DNS, the file server and everything on it. I'm trying to create a redundancy setup in case of failure. So I was reading about failover clusters
  and this seem to be what I need to do. I'm just a little bit confused. What is the difference between using hyper V and using clusters?
  When I create a cluster and add servers to it, what exactly happens? For instance simplest case I have the main server with all the data. Now I bring in another machine with nothing on it. I install windows server 2012 on it and add it and the other computer
  to a cluster. Does the data from the main server automatically get copied onto all the servers that are part of this cluster? At this point if one server fails will the other one take over?
  Any help is greatly appreciated.
  -FlipFlop

  have some questions  regarding creating a backup for an all in one server. The server has active directory, DNS, the file server and everything on it. I'm trying to create a redundancy setup in case of failure. So I was reading about failover clusters
  and this seem to be what I need to do. I'm just a little bit confused. What is the difference between using hyper V and using clusters?
  When I create a cluster and add servers to it, what exactly happens? For instance simplest case I have the main server with all the data. Now I bring in another machine with nothing on it. I install windows server 2012 on it and add it and the other computer
  to a cluster. Does the data from the main server automatically get copied onto all the servers that are part of this cluster? At this point if one server fails will the other one take over?
  Any help is greatly appreciated.
  -FlipFlop
  You can think about Hyper-V cluster Vs. generic cluster like Hyper-V is a beehive of an independent clusters :)
  You need to install Windows Server 2012 R2, enable Hyper-V role, virtualize all workload (keep all tasks inside separate set of VMs, don't run anything inside parent partition and don't use multiple roles either) and configure guest VM cluster (make sure
  you use shared VHDX for that).
  Data is not copied, you use shared storage and control gets passed to another VM running on another physical host. That would provide you smallest amount of downtime (if any). From the other point of view VM HA *would* have some downtime (VM reboots on another
  physical host).
  Some links for your interest (guest VM cluster, file server cluster, shared VHDX, shared storage for Hyper-V etc):
  Deploy an Active Directory-Detached Cluster
  http://technet.microsoft.com/en-us/library/dn265970.aspx
  Failover Cluster Step-by-Step Guide: Configuring Accounts in Active Directory
  http://technet.microsoft.com/en-us/library/cc731002(v=ws.10).aspx
  Cluster Nodes as a DCs
  http://support.microsoft.com/kb/281662
  How
  To Setup Redundant DNS Servers 2012
  http://www.techstaty.com/how-to-setup-redundant-dns-servers-2012/
  Working
  with File Shares in Windows Server 2008 (R2) Failover Clusters
  http://blogs.technet.com/b/askcore/archive/2010/08/19/working-with-file-shares-in-windows-server-2008-r2-failover-clusters.aspx
  Failover
  Cluster Step-by-Step Guide: Configuring a Two-Node File Server Failover Cluster
  http://technet.microsoft.com/en-us/library/cc731844(v=ws.10).aspx
  Using
  Guest Clustering for High Availability
  http://technet.microsoft.com/en-us/library/dn440540.aspx
  Deploy
  a Guest Cluster Using a Shared Virtual Hard Disk
  http://technet.microsoft.com/en-us/library/dn265980.aspx
  How
  to Configure Storage on a Hyper-V Host Cluster in VMM
  http://technet.microsoft.com/en-us/library/gg610692.aspxHope
  this helped a bit :)
  StarWind VSAN [Virtual SAN] clusters Hyper-V without SAS, Fibre Channel, SMB 3.0 or iSCSI, uses Ethernet to mirror internally mounted SATA disks between hosts.

• AirPort: Setup over WAN/Bonjour?

  Hi all
  Can anyone explain me the difference between these 2 features of the AirPort Extreme:
  - Allow setup over WAN
  - Allow setup over the Internet using Bonjour
  What's the difference? And what should I do to setup the Base Station over WAN or Bonjour?

  This is a guess, but I think that for the second option to be active, the first option would have to be active.

• 2 ISP load balancing and redundancy

  Hello!!
  Our small company has about 40 branches spreaded within city. Branches are connected by optic wire supplied by our ISP. So in ISP our branches are located in one VLAN. From every branch we created VPN tunnel to our server room in central office. Central office is like a cetner point. If optic wire fails to central office, there would no VPN tunnels and no network to all branches. Moreover, all the traffice goes through central office.
  Now we decided to pave one more optic line to our central office. And that will increase bandwidth and redundancy.
  Private network topology: There are no default gateways and ip-addresses. For examle, at first branch I will plug computer directly into media converter and at the second branch plug another computer to the media converter. After that this two computers became in one network. And can assign any ip addresses to them.
  What I have: our firewall do enough work, don't want to overload it. But we have some free ports in our new cisco 3750. The question is how to do load balancing and redundanccy? Can it do load balancing according to traffic? And how load balance incoming traffic? For example, connection was established from branche's router, how this router will choose through which line make connection? By the way, at all branches we use noisy cisco
  3700 series routers.

  Sorry for upping 1 year old threat.
  We talked to our Network Provider. They said "these two cables are coming from two different places, so there is no way to use etherchannel. You must use active-standby solution."
  Relying on STP we just put two cables into 3750 stack. But with default STP settings, connection was very unstable, many packet losses and disconnections. So we found easy solution with "flex links", making one interface backup of the other. And only now I recognized that this is not a failover solution. Because, if network beyond media converter will down, link from media converter to switch would still up.
  What could I do to make our L2 WAN redundant? Are there any additional STP settings.

• RV120W VPN Setup - basic help needed

  Hi all,
  I've recently bought a RV 120W Wireless-N VPN Firewall hoping it would ease me in creating VPN and remote connectivity. But I seems to be struggling with this.
  Here is my situation.
  When I bought my Cisco router I didn't know it had an ethernet port for WAN. I thought it would have a RJ11 compliant port. So now I am having to put the router behind my modem.
  I gave my modem's LAN 192.168.2.1 and to RV120W I gave 192.168.2.2.
  All PC's are not connected to internet via RV120W. For RV120W, the local IP network is 192.168.1.0. I've set 192.168.1.1 as the management IP of the Cisco RV120W. All the PC's can get internet from the above layout arrangement.
  With frustration, I've portforwared all my ports on the modem (except 1 port) to RV120W i.e to IP 192.168.2.2.
  If I enable PPTP on RV120W I can ping its port (1723 i remember) from outside. If I connect to port 80 from outside my network, I can get the managemnt interface of the RV120W.
  With the help of the RV120W's userguide I managed to create VPN policy stuff via the 'basic VPN Setup' menu. The guides says to use a wizard but there is no wizard for VPN setup.
  With that I have even created users (of every type) but I just can't make the connection.
  When I use the QuickVPN to connect... its goes from "Connecting", "Activating Policy" again "Connecting" and then a big error saying a couple of things that might have caused the error.
  I want to start from the beginning.
  Can somebody please help me.
  First... what I am I supposed to put in the fields of the following screenshot. Especially the fields "Remote WAN's IP Address", "Local WAN's IP Address" and "Local LAN IP Address".

  Once I knew about the bridge mode thing from this discussion, I started reading the manual of the modem in regard to the brigde mode setup.
  According to the manual, the 'Data' bulb on the modem would be off if the modem is in bridge mode. and I've successfully put the modem on bridge mode I guess. It was pretty easy. I just deleted all the WAN setup rules/configs and began with the initial setup wizard which basically had the option to set the modem to bridge mode. After so, the 'Data' bulb got off meaning the modem is now in bridge mode. I am happy about that
  But... still not done.
  I put one ethernet cable into of the LAN ports of the modem and put the other end in RV120W WAN port. Logged into to RV120W, configured new PPPoE profile (I have the user and pass details) and attached it to the WAN internet setup config.
  I went back to the dashboard of RV120W to see if WAN was up. It didn't. I gave some time. It didn't work. It says 'connecting' but never connects.
  What am I doing wrong? Am I putting the cable between the modem and router the right way?
  ...and also, when the modem is in bridge mode will it forward all packets from lan to wan and vice versa or is it like forwarding packets to all ports once recieved.
  (I am learning so much with this RV120W )

• RV180W Setup Issues

  Hi all,
  This is my first post on these forums so please bear with me.  I just began using Cisco's small business products and have loved them all until I tried the RV180W.  First of all, getting an internet service in the location of this installation was a nightmare in itself.  We ended up having to arrange a "HomeFusion" broadband service from Verizon Wireless.  After crossing that hurdle, I've now run into several problems trying to get the RV180W setup behind the VZW router which is the source of internet access.  I've tried the following configurations and run into the following problems.
  During the Setup Wizard selecting the following Functions:
  Router w/ WAN Port connected to port on Verizon RouterSetup completes, router restarts then Router is unable to be accessed until WAN port is disconnected
  Access Point w/ Connection between VZW Router and RV180W (not WAN port)Setup completes, router restarts, internet access available but unable to access router configuration page
  I've tried all sorts of permutations of setup but I can't seem to figure this one out.  I assume there's something crucial I'm missing.  I was thinking that perhaps I need to setup port forwarding on the VZW router and configure the RV180W to access a static IP.  Let me know if anyone can help me out with this.  I'll will provide any other information that you need.
  - Patrick

  Hi Patrick, when connecting  to the VZW router with a computer, what IP address do you receive from it?
  -Tom
  Please mark answered for helpful posts

• ACE redundancy with bridge mode

  I need configure redundancy between two ACE modules (no problem). There is context in bridge mode. My question is, in which state is standby context. Is it in blocked state (that means, it not ansfer to any L2 requests) similar as for example ASA? I need explain loop-free topology.
  can anybody explain me, how it works?

  Yes, that's correct.
  If you have a redundant setup, don't forget to allow the Spanning-tree BPDUs!
  Create an ACL that permits BPDUs and configure it on the both ACEs on the client- and serverside:
  access-list NONIP ethertype permit bdpu
  int vlan 10 ! client-side
  access-group input NONIP
  int vlan 20 ! server-side
  access-group input NONIP
  more info:
  http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/configuration/rtg_brdg/guide/bridge.html#wp1174530
  Please rate if this was useful for you.
  Kind regards,
  Dario

• Request for best connectivity Setup for WRT 1900ac. DHCP issue

  Hello Customer Care Team.
  I imported the WRT 1900ac router from the USA to my location in India. Apparently your Customer care in Indai don’t give any support for this fantastic router.
  I am  not at your mercy for assistance.
  Please help & guide me in getting the best out of it and with a good setup.
  MY ADSL+2 Modem Router : Netgear
  Internet connectivity as follows:
  Lan IP
  192.168.1.1, subnet : 255.255.255.0
  Dhcp server On : start: 192.168.1.2    End : 192.168.1.254
  Wan IP Setup
  PP0E  LLC/SNAP NAT on 
  Wan Ip auto assigned
  MTU: 1492
  My Linksys  wrt1900ac wireless is setup as follows for 2.4ghz & 5ghz
                            2.4 ghz                                                             5ghz
  Network mode   mixed                                                              mixed
  Security mode    wPA2                                                              WPA2
  Channel width    auto                                                                 auto
  Channel                auto                                                              auto
  Besides above WRT 1900ac has:
   1. NAT enabled
  2.Local network DHCP enabled as :
  DHCP server enabled
  Start IP: 10.185.21.100   end: 10.185.21.199
  IP 10.185.21.X Range
  3. Internet setting on WRT 1900ac as:
    IPv4  Auto DHCP Configuration     MTU Auto
   I want you to tell me if my Linksys WRT 1900ac is configured correctly and the DHCP server IPs are correct.
  When I enter 192.168.1.1 in the browser it takes me to my netgear modem web setup page. So How do I get to make all the modem & the wifi in the range of 192.168.1.1 etc.
  Please help & provide your best solution for fast speed .
  Thanks
  Solved!
  Go to Solution.

  Sorry you didn't get an answer faster but you have to know this is a peer to peer forum. it is users helping other users so not always the quickest way. First off, can you change your ISP router to modem only mode? It is best that way as you will get conflicts such as what you are seeing when there are two routers in the same link. You are getting the ISP router when you enter 192.168.1.1 because that is its address on the LAN side. It appears that your router is getting set to a 10.x IP because of the setup. You have two routers trying to work with DHCP so that is also an issue. If you can change the ISP router to modem only mode then once it is up disconnect it from the router and do a factory reset on your router and make sure it has the IP of 192.168.1.1 and you will then be able to make any changes you need to. the default login is password of admin and leave the user blank.