Our company may have two connections to the internet through two ISPs. If we want to use one connection as the primary and the other as a backup, we can use IP SLA to monitor the link. It detects the failure even when it is the connection between the modem and the ISP that fails, so the router can switch over to the backup path automatically as soon as the primary path is down.
Step1: Configuring the SLA process
R1(config)#ip sla 1
R1(config-ip-sla)#icmp-echo 8.8.8.8
R1(config-ip-sla-echo)#frequency 5 (Means: send an icmp-echo packet to the IP 8.8.8.8 every 5 seconds. This can be any reliable IP on the internet)
R1(config-ip-sla-echo)#exit
Step2: Scheduling the SLA process
R1(config)#ip sla schedule 1 start-time now life forever (Means: start the SLA process now and never end it)
Note: we can check the process using the following command:
R1#show ip sla statistics
Step3: Create a track object to track the change. It is used to inform the router about the current condition.
R1(config)#track 10 rtr 1 reachability (this will inform the router if any reachability problem occurs. rtr is the old name of IP SLA)
R1(config-track)#exit
Step4: Create two static routes, one to each ISP, with some tweaks
R1(config)#ip route 0.0.0.0 0.0.0.0 fastEthernet 0/0 track 10
R1(config)#ip route 0.0.0.0 0.0.0.0 fastEthernet 0/1 2
Now the router will select ISP1 as the primary path because its administrative distance is lower. If the link to ISP1 goes down, the router automatically switches the connection to ISP2.
The syntax of static route configuration is:
route <interface-name> <ip address> <netmask> <gateway ip> [distance]
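The selection logic behind Steps 3 and 4, as an added Python model (not part of the original post and not Cisco code): a static route is a candidate only while its exit interface is up and its track object, if any, is Up, and the lowest administrative distance among the candidates wins. The class and function names are hypothetical, and the model assumes the IP SLA probe always leaves through FastEthernet 0/0.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

@dataclass(frozen=True)
class StaticRoute:
    interface: str               # exit interface of the default route
    distance: int = 1            # administrative distance (static default is 1)
    track: Optional[int] = None  # track object number, None if untracked

def active_default(routes: List[StaticRoute], if_up: Dict[str, bool],
                   track_up: Dict[int, bool]) -> Optional[StaticRoute]:
    """Return the default route the router installs, or None."""
    candidates = [
        r for r in routes
        if if_up.get(r.interface, False)                        # interface must be up
        and (r.track is None or track_up.get(r.track, False))   # track object must be Up
    ]
    # Among the remaining candidates the lowest administrative distance wins.
    return min(candidates, key=lambda r: r.distance, default=None)

# Step 4 as configured on the page, and the same routes without "track 10".
TRACKED = [StaticRoute("FastEthernet0/0", 1, track=10), StaticRoute("FastEthernet0/1", 2)]
UNTRACKED = [StaticRoute("FastEthernet0/0", 1), StaticRoute("FastEthernet0/1", 2)]

def exit_interface(routes, probe_ok: bool, fa00_up: bool = True) -> Optional[str]:
    """Constructed scenario: Fa0/1 stays up; probe_ok is the IP SLA 1 result."""
    if_up = {"FastEthernet0/0": fa00_up, "FastEthernet0/1": True}
    # Assumption: the probe can only succeed while Fa0/0 itself is up.
    track_up = {10: probe_ok and fa00_up}
    best = active_default(routes, if_up, track_up)
    return best.interface if best else None

if __name__ == "__main__":
    cases = [("all healthy", True, True),
             ("modem-to-ISP1 link down, Fa0/0 still up", False, True),
             ("Fa0/0 down", False, False)]
    for label, probe_ok, fa00_up in cases:
        print(f"{label}: tracked -> {exit_interface(TRACKED, probe_ok, fa00_up)}, "
              f"untracked -> {exit_interface(UNTRACKED, probe_ok, fa00_up)}")
```

The middle case is the one the track object exists for: without it the primary route stays installed while traffic is dropped upstream.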
Objects:
ASA1(config)#route inside 172.30.10.0 255.255.255.0 172.30.30.2 1
ASA1(config)#route inside 172.30.20.0 255.255.255.0 172.30.30.2 1
ASA1(config)#route outside 0.0.0.0 0.0.0.0 192.168.1.2
Note: we can use the command “route outside 0 0 192.168.1.2” for the default route; both are the same.
Port | TCP | UDP | Description |
20 | x | | FTP-data |
21 | x | | FTP (login access) |
22 | x | x | SSH |
23 | x | | Telnet |
25 | x | | SMTP (Mail, MTA) |
53 | x | x | DNS |
80 | x | x | HTTP (Web) |
110 | x | x | POP3 (email); generally uses TCP |
119 | x | | NNTP (Usenet news) |
139 | x | x | NetBIOS (Microsoft) |
143 | x | x | IMAP (email) |
161 | x | x | SNMP (Network Monitor) |
443 | x | x | HTTPS |
465 | x | | SMTPS (Secure mail over SSL) |
993 | x | x | IMAPS (Secure IMAP over SSL) |
995 | x | x | POP3S (Secure POP3 over SSL) |
SDM configuration steps:
R1(config)#username binoy privilege 15 secret cisco
R1(config)#ip http server
R1(config)#ip http secure-server (allows encrypted access)
R1(config)#ip http authentication local
Now download SDM from www.cisco.com/go/sdm, install it on the computer (it requires the Java Runtime Environment), and launch SDM by entering the router's IP address in the SDM launcher.
Connected interface | 0 |
Static route | 1 |
Enhanced Interior Gateway Routing Protocol (EIGRP) summary route | 5 |
External Border Gateway Protocol (BGP) | 20 |
Internal EIGRP | 90 |
IGRP | 100 |
OSPF | 110 |
Intermediate System-to-Intermediate System (IS-IS) | 115 |
Routing Information Protocol (RIP) | 120 |
Exterior Gateway Protocol (EGP) | 140 |
On Demand Routing (ODR) | 160 |
External EIGRP | 170 |
Internal BGP | 200 |
unknown | 255 |