Hi.

I have 2 T1 from 2 different ISP which require me to use their own Cisco routers for the 100% uptime guarantee.

Can I get a VPN gateway with dual WAN ports with outbound load balancing so I can both T1 connections without changing the Routers from the 2 different ISP?

Can these devices function between my router and network(or does it have to act as my router?)

Such as :

https://www.xincom.com/twr603.html
or
https://www.hotbrick.com/produto.asp?tipo=3&catpro=2

Do I have to have both T1 circuits from the same ISP which terminate on the same router or can I use a dual WAN VPN gateway to do this after my routers?


Sorry if this is a newbie questions.

Thanks.

The only way to do path manipulation beyond you managed network is through BGP. BGP is the road atlas of the internet. Unlike Interior Gateway Protocols such as EIGRP and OSPF that route by IP address, EGPs such as BGP route via Autonomous System (AS) number. BGP has a full set of complex metrics it uses to do path manipulation. Currently the internets routing table is larger than 20megs. Even if ISP did honor your BGP (which they wouldn't) you would be doing asymmetrical routing which is generally a bad idea. Imagine the problem associated with variable latency, etc.

Here is what I recommend. If you can ask for two aggregated T1s from the same carrier, they can use ppp multilink and aggregate the bandwidth. If you already have the T1s you other option would be to monitor your traffic flows based on application. Run a SPAN session to a packet sniffer and determine what types of traffic is currently in your network. After you obtain that information route your traffic based on those needs. You may want to use one T1 just for VPN and use the other for HTTP, SMTP, RDP and other traffic. Have your VPN device on one T1 and have another firewall on the other. You could also buy a 28xx or 17xx with the firewall feature set and run everything off of one device. Just make sure you have enough WIC slots.

Greg

I pm'd you. I'll find it in the morning.


Corwyn

Thanks for your response.

I think I should of explained what I was trying to do a little better.

I am not looking to give every person the combination of 2 T1( 3Mbps) for each and every user.( I guess I would need to bind 2 T1 on a single router for that)

Rather, I’m just trying to split some of the traffic between the 2 T1 connections.


I have a backup location(offsite) which I wanted to connect my office to.

I will be doing 2 things with the offsite backup.

1. Transferring a bunch of files from the offsite location to my office.

2. Using a VPN to access some data input screens for about 60 users in my office.

I am just wondering if I could split the traffic up a little with multiple VPN tunnels between the different T1(from different ISP).

So maybe 75% of users used one T1 and 25% of the users(and file transfer) use the second T1.

Basically to split the traffic a little .

I was told in another forum that something like this could be done with an Intermediate router or aggregation point, or by modifying the default gateways.

I will admin I am a newbie at this and I'm really just trying to get pointed in the right direction. I do not know what an aggregation point or intermediate router are but was hoping maybe you could let me know a company that made these devices.

Is there a product I can buy or a software configuration to look at that will allow me split some of the traffic between my 2 T1 from 2 different ISP without changing the current Cisco routers?

I hope this may of cleared things up a little bit.

Thanks for your help.

https://www.netgear.com/products/details/FVS124G.php

Netgear has the simplist VPN routers I've seen. The only thing I question is how the remote side would know which public WAN IP to connect to. I guess some users will access IP#1, and others IP#2, to "split the traffic a little". Also, I believe the router lets you choose how to use the two WAN connections, either a true split/load balance, or outbound traffic on one/inbound on the other, or some combination thereof.

Netgear VPN is certified to be compatible with numerous other VPN products. Linksys, for example isn't, though they do offer similar routers.

I think using different default gateways is a simple solution, but you still should monitor your traffic to determine what to send where. You could build a route map for SMTP/POP3 or you could set your gateway on your exchange server to point to the T you want to send the data out on.

I think what each Vendor is doing . If I understand your post correctly is charging a Router License Maint Fee . If you go to Google and click on "7 layer OSI TCP/IP Model ". It will explain where your routers stops and why . I hope this helps . The question to pose in your mind is "can I create a new subnet on the same layer 2 switch ? Google the answer , it's there !