{"id":256,"date":"2017-08-13T17:06:24","date_gmt":"2017-08-13T21:06:24","guid":{"rendered":"http:\/\/puluka.com\/home\/?p=256"},"modified":"2017-08-13T17:06:24","modified_gmt":"2017-08-13T21:06:24","slug":"screenos-configure-backup-internet-for-failover","status":"publish","type":"post","link":"http:\/\/puluka.com\/home\/networking\/screenos\/screenos-configure-backup-internet-for-failover\/","title":{"rendered":"ScreenOS Configure Backup Internet for Failover"},"content":{"rendered":"<p><strong>Product<\/strong>: ScreenOS<br \/>\n<strong>Version<\/strong>: 6.0 and higher<\/p>\n<h2>Network Topology<\/h2>\n<p>Two firewall interfaces configured in untrust zone. One for each internet service provider using ethernet0\/0 and ethernet0\/1.<\/p>\n<h2>Description:<\/h2>\n<p>You can setup a second internet service as a configured backup line for use during failure on the primary line.\u00a0 This utilizes interface backup and the track-ip features of ScreenOS 6.\u00a0 This will automatically do the failover during the outage. This example assumes that ethernet0\/0 is the current primary interface while ethernet0\/1 is the new service interface.<\/p>\n<h2>Configuration:<\/h2>\n<p><strong>Setup the new service interface<\/strong><\/p>\n<p>Add the ip address and untrust zone to ethernet0\/1 or setup the dhcp on this interface for the new carrier.<\/p>\n<p>If this is a static configuration then add the second default route to the carrier provided address out ethernet0\/1.\u00a0 On DHCP this route is added automatically.<\/p>\n<p><strong>Establish the backup and primary interfaces. <\/strong><\/p>\n<p>Web<\/p>\n<p>Network&#8211;Interfaces&#8211;Backup<\/p>\n<p>Select Primary interface ethernet0\/0<br \/>\nSelect Backup interface ethernet0\/1<br \/>\nSelect Track-ip<\/p>\n<p>Hit Apply<\/p>\n<p>CLI<\/p>\n<p>set interface ethernet0\/0 backup interface ethernet0\/1 type track-ip<\/p>\n<p><strong>Setup Track-ip Monitoring to detect failure<\/strong><\/p>\n<p>Create the track-ip on interface ethernet0\/0.\u00a0 This is an internet ip address that when this interface can no longer ping it is considered down.\u00a0 A good choice is the service provider DNS server for this line.<\/p>\n<p>Web<\/p>\n<p>Network&#8211;Interfaces&#8211;List<\/p>\n<p>Edit ethernet0\/0<br \/>\nMonitor tab<\/p>\n<p>Select\u00a0 enable track-ip<br \/>\nhit apply<\/p>\n<p>Hit Add Monitor track ip<br \/>\nEnter ip address to ping (Carrier DNS)<\/p>\n<p>CLI<\/p>\n<p>set interface ethernet0\/0 monitor track-ip ip<br \/>\nset interface ethernet0\/0 monitor track-ip ip 1.1.1.1<\/p>\n<h2>Verification:<\/h2>\n<p>Look at interface list and observe that primary line is up and backup interface is down Disconnect the primary interface cable and observe the change in status on the interfaces<\/p>\n<h2>References:<\/h2>\n<p><strong>ScreenOS Concepts and Examples Guide<\/strong><br \/>\n<a href=\"http:\/\/www.juniper.net\/techpubs\/software\/screenos\/screenos6.2.0\/index.html\">http:\/\/www.juniper.net\/techpubs\/software\/screenos\/screenos6.2.0\/index.html<\/a><br \/>\nVolume 2 Fundamentals<br \/>\nChapter 3 Interfaces<br \/>\nConfiguring Backup Interfaces<\/p>\n<p>Originally Posted May 22, 2011<br \/>\nLast Revised on May 22, 2011<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Product: ScreenOS Version: 6.0 and higher Network Topology Two firewall interfaces configured in untrust zone. One for each internet service provider using ethernet0\/0 and ethernet0\/1. Description: You can setup a second internet service as a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-256","post","type-post","status-publish","format-standard","hentry","category-screenos"],"_links":{"self":[{"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/posts\/256","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/comments?post=256"}],"version-history":[{"count":1,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/posts\/256\/revisions"}],"predecessor-version":[{"id":257,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/posts\/256\/revisions\/257"}],"wp:attachment":[{"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/media?parent=256"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/categories?post=256"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/tags?post=256"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}