7

I've got a Cisco 1900 router which connects to the Internet using a primary and a secondary WAN connection. When the primary connection is up, all traffic use this link. When the primary connection is down, I use the secondary connection to connect to the router to troubleshoot why the primary link is down.

Sometimes I would also like the two connection to be up and running at the same time. I would then like to be able to access the router using SSH on either one of its public IP-addresses.

Is there any (easy) way of having both these interfaces accessible at the same time?

Marcus Jansson
  • 81
  • 3
  • 2
    It's unclear how are you selecting the primary and secondary connections. Please add more details and perhaps even a diagram because the question is too unclear at this point. – Mike Pennington Jul 08 '13 at 11:06
  • That is sort of part of the question but basically, both connections should be up and running at the same time and they both could have 0.0.0.0/0 routes with equal metrics. My objective is to be able to SSH to the router over both WAN1 & WAN2 simultaneously. – Marcus Jansson Jul 09 '13 at 01:22
  • 1
    who is providing WAN connectivity to this router? Your company? Upstream ISPs? What protocols can you run with your WAN providers? – Mike Pennington Jul 09 '13 at 01:53
  • Both of these WANs are just simply ADSL connections (using external modems) in bridge/modem mode. – Marcus Jansson Jul 09 '13 at 03:30
  • Did any answer help you? if so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you could post and accept your own answer. – Ron Maupin Jan 04 '21 at 01:03

2 Answers2

6

As long as both interfaces have public IP addresses, which it sounds like, you have two options:

1) IP SLA: outbound traffic will only use one interface at a time.

Essentially, you configure a static default route out the primary interface, which is tracked and a static default route out the secondary interface. If the tracking finds an issue, the tracked route is removed, making the default route out the secondary interface

IP SLA link

R1(config)# ip sla 1
R1(config)# icmp-echo $primaryNextHop source-interface $primaryInterface
R1(config)# timeout 1000
R1(config)# threshold 2
R1(config)# frequency 3
R1(config)# ip sla schedule 1 life forever start-time now
R1(config)# track 1 ip sla 1 reachability
R1(config)# ip route 0.0.0.0 0.0.0.0 $primaryNextHop track 1
R1(config)# ip route 0.0.0.0 0.0.0.0 $secondaryNextHop 10

2) BGP peer with ISPs: this can be configured to allow traffic outbound on both interfaces at the same time. You can also set this up to allow ISP1 to receive traffic for the secondary interface and vice versa (BGP Multihoming)

emynd
  • 524
  • 4
  • 6
  • 2
    Note: sla is not necessary in this simplified example. Two default routes with different metrics will do the same thing. When one interface goes down, the routes through it will be removed from the active route table. The `ip sla` method should test something further upstream. – Ricky Jul 08 '13 at 20:20
  • Unfortunately having two 0.0.0.0/0 routes with different metrics doesn't solve my issue. Essentially I would like traffic coming in on WAN1 to go back out on WAN1 etc. – Marcus Jansson Jul 09 '13 at 01:11
1

After doing some reading, it seems like VRF (lite) might be the solution to my problem. That way I can maintain two separate routing tables for each WAN connection and I should have access to the router using either VRF.

Marcus Jansson
  • 81
  • 3