CISCO 1811 with T1 and DSL?

I

illumina315

Limp Gawd
Joined
Dec 21, 2004
Messages
291
Good Morning all,

We currently have a 1.5 T1 with multiple IP addresses allocated. We want to order a DSL backup for redundancy, but that would only have 1 IP address given to us. Can I use a CISCO to declare multiple IP ranges for WAN 1 (the T1), and a single ip for WAN 2 (the DSL)?

Essentially, what I need is for internet to stay up when the T1 breaks, and our mail server to still be able to receive emails.

thanks!
 
I can't offer specific model/brand advice, but I know many companies out there (Including cisco) offer router with multiple WAN ports, with both load balancing and then of course, fall over on fail capability (WAN1 no longer works, put everyoneon WAN2). If you are going to be ordering DSL along side, something with Load Balancing would probably be the best thing, being speed will be similiar among the two, plus you'll be utilizing both connections.
 
Thanks for the reply, but i guess my wording really sucks, or I didnt explain everything in details.

We have a seperate T1 box into a PIX501 currently, with 10 IPs allocated. We are ordering a DSL backup for failover purposes, which would come with a Cable Modem. Ultimately i will be plugging 2 simple CAT5 cables into a router. I guess my question is.. Can i set WAN 1 to have multiple IPs (server has 1 static, and a few other statics set), and also have WAN 2 be set for the single IP, but with port 25 going to the email server?


thanks!
 
illumina315 said:
Thanks for the reply, but i guess my wording really sucks, or I didnt explain everything in details.

We have a seperate T1 box into a PIX501 currently, with 10 IPs allocated. We are ordering a DSL backup for failover purposes, which would come with a Cable Modem. Ultimately i will be plugging 2 simple CAT5 cables into a router. I guess my question is.. Can i set WAN 1 to have multiple IPs (server has 1 static, and a few other statics set), and also have WAN 2 be set for the single IP, but with port 25 going to the email server?


thanks!
Click to expand...

Yes, but be sure you still have a firewall between you and the interent.

I am doing something similar with two T1's at my work. So I have two MX records for DNS and I am actually using my firewall to provide the failover. But it could just as easily have been a router. (But one of the T1's to the internet came with a router from the ISP that I am not supposed to touch, so I just had my firewall do the load ballance/failover, the other, my main T1 I use my own Router for.) I actually have mulitple IP's available to me on both T1's.

edit: wait, why do you want to put multiple IP's on WAN1? You ususally only assign one IP to an interface.. you can have it route to multiple public IP's (What I do)

==>Lazn
 
thanks for the reply.

I have several other static IPs that I use for remote connections via VNC. Are you suggesting I use the router for JUST the email server IP, and keep the PIX 501 for the rest of the connections?

thanks,
~E
 
illumina315 said:
thanks for the reply.

I have several other static IPs that I use for remote connections via VNC. Are you suggesting I use the router for JUST the email server IP, and keep the PIX 501 for the rest of the connections?

thanks,
~E
Click to expand...

I don't even know where to start here. And it is about time for me to get going, so let me just say, I highly recommend you attend a "Hard Hat" or similar network security class.

==>Lazn
 
illumina315 said:
thanks for the reply and suggestions.

...am i that bad of a noob to this stuff? :/
Click to expand...

Probably not that bad..

But a firewall of some sort is needed, and I would recommend a policy based firewall with deep packet inspection and gateway antivirus. Otherwise you are just asking for virus outbreaks on your network. You would not believe the number of web exploits my firewall blocks on my network (though I have kids labs that I have to administer and they are the worst offenders) but if I had an older firewall that doesn't do deep packet inspection, those computers would be infected just from web browsing, not from even downloading anything.

As for email, you just want multiple MX records in DNS, one pointing to each public IP for your email server. If one fails to respond, email will come in on the other one. And if you are using a smart host, you might have to have all your oubound email use one route, or have your ISP set their smart host to accept email from your other public IP even though it will not be from their network.

==>Lazn
 
thanks again for the reply and comments.

.. Could I PM you my current network layout and ask for your suggestions?

~E
 
illumina315 said:
thanks again for the reply and comments.

.. Could I PM you my current network layout and ask for your suggestions?

~E
Click to expand...

I would be happy to help, but am going out of town in ~4 hours and will not be back untill Wednesday.. so if it can wait till then feel free.. Otherwise, I am sure there are others that can help you out here.

==>Lazn
 
You must log in or register to reply here.
Back
Top