• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Dynamic route change. High availability.

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> Dynamic route change. High availability. Page: [1]
Login
Message << Older Topic   Newer Topic >>
Dynamic route change. High availability. - 30.Sep.2009 5:33:39 AM   
delaghetto

 

Posts: 41
Joined: 19.Feb.2007
Status: offline
Hi, we're trying to find a solution for this issue we have.

We have 2 offices, the HQ and the branch in different cities.

So in the branch office we have an ISA Server, and all the traffic in the LAN goes through it. So ISA routes all the traffic to the internet to our DSL modem. The problem is the traffic that goes to the HQ.

We have 2 VPN routers that connect us to the HQ. So ISA sever's IP is 10.2.1.1, and the HQ IP is 10.1.1.1 The VPN routers are 10.2.1.2 and 10.2.1.3

Now at present we have a route created in ISA that says all traffic to the HQ goes through the 10.2.1.2 router.

The problem is that in case of failure of the connection made by the 10.2.1.2, we automaticaly want the traffic to be routed to the 10.2.1.3
router. How can we do this in ISA Server so we have High availability to the resoruces in the HQ??

Thanks..
Post #: 1
RE: Dynamic route change. High availability. - 30.Sep.2009 10:55:26 AM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
None of this has anything to do with ISA.
ISA is not in any way going to be part of the solution.

You need dynamic routing to be the solution and that happens with Router (real routers,...LAN Routers,...not "home-user" NAT boxes commonly and incorrectly called routers).

You need a LAN Router positioned in the "center" of your LAN.  If you only have one subnet then you'll have to "invent" a new subnet hanging off the side of LAN router that you just aren't using for now.

The VPN Device must be capable of using Dynamic Routing protocols,...if they can't your screwed.  You configure the VPN Devices and the LAN Router to work together with dynamic routing protocols (like RIP, IGRP, etc).

Then the LAN Router becomes the Default Gateway of every machine on the LAN except the ISA.  The LAN Router then uses the ISA as it's Default Gateway.  If you ever do use the "extra" subnet hanging off the side of the LAN Router then the ISA will have to have a Static Route added and the Internal Network Definition adjusted to copensate for that.

_____________________________

Phillip Windell

(in reply to delaghetto)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> General >> Dynamic route change. High availability. Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts