Lately, small companies (say, gross revenues under $50M) are rapidly adopting the strategy of multiple Internet transports to protect against outages and achieve better uptime. These transport types are the garden variety non-enterprise broadband links, such as DSL, cable and wireless.
Consider for a moment how much the average worker depends on what we might refer to as basic technologies: email, web browsing, and IP Telephony. Now, factor in the more complicated business applications that might reside in the cloud data-center, third-party hosting or a VPN accessible corporate server.
This pathway must be robust and ideally redundant.
There are several techniques for link fail-over: software routing (ECMP versus Static), dedicated appliance and manual intervention. Fortigate devices can handle multiple Ethernet hand-offs; this makes the device transport agnostic. Furthermore, you can easily configure the Fortigate with dead gateway detection to facilitate automatic failover.
Basic Link Failover can be accomplished utilizing two key components:
- Two default routes to ISPs with variable weighting (distance of 10 is more preferred than a distance of 20). Configure your static routes to reflect primary versus secondary path by weighting the secondary path with a higher distance.
- Configure a ping server under the Router|Settings|Dead Gateway Detection. Click on: create new and simply follow the interface options (you’ll need to create these ping servers for all ISP interfaces you are utilizing). Be sure to pick a reliable ping target, which I advise to be your ISP gateway router. However, you can certainly use other options such as public DNS servers.
As with any solution, be sure to test your configuration to ensure proper routing and failover.
0