SRX Services Gateway
Reply
Contributor
mtan@data-edge.com
Posts: 95
Registered: ‎03-27-2011
0

Failover between 2 ISP

hi,

i want to configure Fail over 2 isp. also fialove r vpn.

my diagram is

 

remote site--->Internet-->MX480--->ISG---->SRX650

 

my vpn termination point is SRX650.

now my question is where will be do failover?

 

any one help me?

 

Maung Tan

 

Thanks
Maung Tan
data edge limited
Recognized Expert
rasmus
Posts: 377
Registered: ‎02-28-2010
0

Re: Failover between 2 ISP

Your problem is not clear to me,

 

however, what i understand is that "you want to establish a VPN between remote-site and 650, and you have two internet links available through different ISPs"....

 

Now if you want to failover, in case of any ISP goes down, to restablish the VPN; you need to do the failover scenario on MX router ...

 

However, implementing failover strategy between ISPs on MX router tricky, if you need help please let me know ...

 

regards

 

Hafiz Muhammad Farooq
JNCIE-SEC, JNCIP-SEC, JNCIS-SEC, JNCIS-FWV
JNCIS-SP, JNCIS-SA, JNCIA-JUNOS
IBM Qradar Deployment Professional

[Please mark it as Accepted Solution if it works, Kudos if you like]

Contributor
mtan@data-edge.com
Posts: 95
Registered: ‎03-27-2011
0

Re: Failover between 2 ISP

hi,

my network is :

SRX650(central side)--->ISG---->MX---->Internet------>Remotside(SRX)

 

1. i have 2 isp.

2.my vpn termination point is SRX

3.SRX650,ISG2000,MX480, this divice ip are real ip.Real ip mean public ip. now runnning by 1 ISP.

3 vpn termination ip is alos public ip and will be terminate at srx650

same disgn i will be do with 2nd isp

 



my requirement:  isp and VPN failover will be respectively

 

my question is : where will be fail over ?

 

thanks

Maung

 

 

 

Thanks
Maung Tan
data edge limited
Recognized Expert
rasmus
Posts: 377
Registered: ‎02-28-2010

Re: Failover between 2 ISP

if 2nd isp is terminated on MX then failover should occur on MX ...

 

if 2nd isp uses separete ISG and MX, failover should occur on SRX650 ...

 

use track-ip to implement failover ...

 

regards

 

 

Hafiz Muhammad Farooq
JNCIE-SEC, JNCIP-SEC, JNCIS-SEC, JNCIS-FWV
JNCIS-SP, JNCIS-SA, JNCIA-JUNOS
IBM Qradar Deployment Professional

[Please mark it as Accepted Solution if it works, Kudos if you like]

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.