Pradeep Kumar wrote: > Folks > > Can anyone try your heads on this one. > > A company has one WAN link to ISP A and one WAN link to ISP B. Both ISPs > have assigned IP subnets to be used on the company side of the links. There > is a firewall that protects the corporate network. It will have addresses on > both ISP subnets. Trusted hosts have private IP addresses, so NAT must be > used when establishing connections to external servers. SMTP traffic passes > from an external mail relay server to an internal SMTP server via a public > NAT address (from either ISP subnet). > > How would you go about building a fault tolerant solution so that both ISPs > can be used (either load-shared or as active/backup) for outbound client > traffic and inbound SMTP traffic? Can this be accomplished currently using a > Cisco PIX (in HA config). If not, what feature would be needed in order to > support this? > > I think this could be accomplished if NAT rules had the ability to do > health checks on upstream gateways. Then, just configure two NAT rules (one > to each ISP subnet) in order of priority. If the health check for the first > NAT rule fails, then skip that rule and use the next matching NAT rule. > Route the traffic to the secondary gateway of the secondary ISP. > > > Anyone faced this situation before > > Thanks folks > > Pradeep > > >
Try linkproof from radware (http://www.radware.com in section product), it's a lot more easier to install than BGP linkproof allows several Isps and need some DNS changes regards raphael
