I'm having an issue where we have two vendor routers that need to be highly available to all branch and data center locations (No changes permitted on the vendor R1 and R2)
The networks at all the branch locations consist of a Sophos XG135 as the Gateway/Router and behind that is the Local network for each branch.
The two data center locations each are virtually the same as the Branch Sites, however they both have a vendor router (Cisco 4000 series) locally behind the XG that has 2 dedicated internet circuits. Over which they establish a VPN tunnel to a remote server that hosts our main business application for all sites.
Currently, in a failover scenario of the Vendor Router or of the Primary Datacenter. I have to manually change the SD-WAN route to point the traffic from the Branch Sites and the Primary Site to the Backup Site.
I wanted to get some ideas on best practice in this, would love to use BFD but i don't believe the XG supports RFC7130.
My thoughts are using Route or Metric Change / IP SLA Track that the Sophos devices automatically implement in the event connectivity to either the Primary Data Center/R1 or the remote server fails. That flips the routing over to Backup Data Center / R2 to route traffic to the remote server. I wanted to use BGP but I cant establish with the Vendor device.
Added TAGs
[edited by: Erick Jan at 3:49 PM (GMT -7) on 27 Sep 2024]