You're on the right track. The 1st thing you need to do is configure
an SAA probe. Pick an external address that you will use to determine
if the connection is up. It can be the same for each site, or
different for each site.
rtr 1
type echo protocol ipIcmpEcho x.x.x.x
rtr schedule 1 start-time now life forever
Where x.x.x.x is the address you are monitoring.
Next, create a tracked object for rtr 1
track 10 rtr 1 reachability
Now the poblem is that you have to make sure your rtr pings go out
through your local firewall, not accross the WAN to the other
firewall, otherwise it will mistakenly think the connection is up.
ip access-list RTR
permit icmp any host x.x.x.x echo
route-map MAP permit 10
match ip address RTR
set ip next-hop y.y.y.y
set interface null0
Where x.x.x.x is the address you are monitoring, and y.y.y.y is the
address of your firewall. The set interface null0, is not really
necessay because your firwall is directly connected. But in other
situations it might be, and it does no harm.
Next, make your default routes dependent on the rtr status.
ip route 0.0.0.0 0.0.0.0 y.y.y.y track 10
Then redistribute the default static into eigrp.
router eigrp 100
redistribute static metric 1500 100 255 1 1500
You may want to tweak the rtr parameters to get the desired results.
Check the documentation for details.
You could also use a floating static instead of redsitributing, but if
both Internet connections are down it will result in a routing loop.
On Sat, 21 Aug 2004 08:39:31 -0400, "PES"
<NO*SPAMpestewartREMOVE**SUCK S> wrote:
>This would be very simple if the Sonicwall could detect the link down. My
>guess is that your sonicwall is connected to a broadband connection of some
>sort. Therefore the interface state probably doesn't go down every time
>there is a interruption in service. So if the sonicwall cannot detect the
>link down itself there is no easy way to redirect this with Cisco.
>
>The only thing I could think of is if you got the Sonicwalls configured
>correctly to handle both subnets. Then configured the Cisco's to have a
>persistent host route to the upstream gateway from the sonicwall (each isp).
>Then configure ping based routing to track that address. If not available
>use a floating static accross the wan. Not that simple, but it might work.
>
><> wrote in message
>news:.. .
>> Given the following scenario:
>>
>> Site 1:Cisco 1720 router
>> --------------------------------------
>> FastEthernet0: 10.0.1.1 255.255.255.0
>> Serial0: 172.16.1.1 255.255.255.252
>> encap HDLC
>> ip subnet-zero
>> Router EIGRP 100
>> network 172.16.0.0
>> network 10.0.0.0
>> no auto-summary
>> ip route 0.0.0.0 0.0.0.0 10.0.1.254 (sonicwall firewall)
>>
>> client configuration: DHCP
>> 10.0.1.50-10.0.1.200
>> SNM: 255.255.255.0
>> DG: 10.0.1.1
>>
>> Site 2:Cisco 1720 router
>> --------------------------------------
>> FastEthernet0: 10.0.2.1 255.255.255.0
>> Serial0: 172.16.1.2 255.255.255.252
>> encap HDLC
>> ip subnet-zero
>> Router EIGRP 100
>> network 172.16.0.0
>> network 10.0.0.0
>> no auto-summary
>> ip route 0.0.0.0 0.0.0.0 10.0.2.254 (sonicwall firewall)
>>
>> client configuration: DHCP
>> 10.0.2.50-10.0.2.200
>> SNM: 255.255.255.0
>> DG: 10.0.2.1
>>
>>
>> How can these sites internet connections be made redundant? For
>> example, sine the routers on each side each have a default route to
>> the local firewall (a sonicwall device), how can I configure these
>> routers so that, if the sonicwall locally is unresponsive (i.e. the
>> local internet connectiion is down), the router automatically routes
>> the connection to the default gateway of the router on the other side
>> of the WAN?
>>
>> There has to be an easy way to make this happen. Any help is
>> appreciated.
>>
>> Thanks!
>> Joe Keegan
>>
>>
>
Similar Threads
