IP SLA https Fedline Failover
[[SLA Source IP]] -- SLA Source IP. This IP should be apart of the subnet allowed to access Fedline. [[Fedline Inside Route to IP]] -- This is the inside IP of the Fedline router that you route 170.209.0.0/29 to. [[SLA Number]] -- IP SLA Number [[Track Number]] -- Track Number After you complete this on both of the routers that provide access to Fedline you can redistribute that static route into your IGP to provide redundancy for Fedline in your WAN. The route for the local location will be removed from both the routing table and of coarse the IGP so that it can failover to the other location if your local Fedline access goes down. The route-map and local policy is used to keep the SLA monitor testing the local route all the time. If you do not do this then when the route gets removed and the backup route comes into the route table the SLA will begin to respond again to the back up route which will cause your static route to become active again, but since the service is currently down it will fail again and flap until your local service is restored. The route-map prevents that from happening. ! ip access-list extended LOCAL_PBR_SLA_FedLine permit tcp host [[SLA Source IP]] host 170.209.0.3 eq 443 deny ip any any route-map LOCAL_PBR_SLA permit 10 match ip address LOCAL_PBR_SLA_FedLine set ip next-hop [[Fedline Inside Route to IP]] ! ip local policy route-map LOCAL_PBR_SLA ! ip sla [[SLA Number]] tcp-connect 170.209.0.3 443 source-ip [[SLA Source IP]] control disable threshold 750 timeout 1000 frequency 2 ip sla schedule [[SLA Number]] life forever start-time now track [[Track Number]] ip sla [[SLA Number]] delay down 5 up 30 ! ! ip route 170.209.0.0 255.255.255.248 [[Fedline Inside Route to IP]] track [[Track Number]]



SLA Source IP:
Fedline Inside Route to IP:
SLA Number:
Track Number:


Use this code to post the full script to your own page:



Use this code to post only the variables to your own page: