Print

Print


Craig & Robert,

We have a secondary Comcast connection, provided free of charge.  ENA
provides our main Internet connection and our firewall/content filter which
I can only see as complication the security portion of having a secondary
fail-over WAN connection.

I assume the Fortigate would/could provide firewall and filtering
protection for both ISP connection going in to it.  So we'd just end up
with a dual layer of firewall protection.  I assume somewhere in the
topology specific vLAN traffic could be blocked - preventing student use
(eliminating the worry about filtering) and allowing only vital business or
teacher devices to use the backup connection?

 Ben

On Wed, Dec 19, 2018 at 10:54 AM Robert Wickberg <[log in to unmask]>
wrote:

> We use a Fortigate for firewalling, content filtering, VPN, etc.
>
> On Wed, Dec 19, 2018 at 9:05 AM Alex Webster <[log in to unmask]> wrote:
>
>> What are you using for a firewall?
>>
>>
>> Not sure how common it is, but for our office, we only had DSL lines so I
>> had to load balance between 4 WAN connections. We also needed to force
>> phone traffic over one of the four lines, while data went over the other 3
>> in round robin. We accomplished this with pfsense, so the cost was right.
>>
>>
>> Alex Webster
>>
>> 603-915-3014
>> ------------------------------
>> *From:* School Information Technology Discussion <[log in to unmask]>
>> on behalf of Robert Wickberg <[log in to unmask]>
>> *Sent:* Wednesday, December 19, 2018 8:38:39 AM
>> *To:* [log in to unmask]
>> *Subject:* Re: Failover Internet Connection?
>>
>> We have two internet connections with two different vendors, but when I
>> tried to set up our firewall to load balance it didn't work very well, so I
>> have it set so some of the schools use to one connection and others use
>> the other, a crude form of load balancing. So if one fails, it would take
>> me a minute or so to change the firewall config to put all the traffic on
>> the working one.  Good enough for school purposes.
>>
>> On Wed, Dec 19, 2018 at 1:27 PM Leslie, Ben <[log in to unmask]> wrote:
>>
>> Just wondering if any schools operate with a backup or failover ISP
>> connection?
>>
>> If so, do you run it though a dedicated failover device, in know some
>> firewalls have dual WAN ports for such scenarios or did you configure
>> weighted default gateways on an edge switch or router?
>>
>>
>> --
>> Ben Leslie Battenkill Valley Supervisory Union 802-375-2589 802-375-6409
>>
>> -----------------------------------------------------------------------
>>
>> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT
>> Archive
>>
>> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
>> Subscription to SCHOOL-IT
>>
>>
>>
>> --
>> Bob Wickberg
>> Technology Coordinator
>> Brattleboro Union High School District # 6
>> (802)451-3418
>>
>> -----------------------------------------------------------------------
>>
>> Search <http://list.uvm.edu/archives/school-it.html>the SCHOOL-IT Archive
>>
>> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
>> Subscription to SCHOOL-IT
>>
>> -----------------------------------------------------------------------
>>
>> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT
>> Archive
>>
>> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
>> Subscription to SCHOOL-IT
>>
>
>
> --
> Bob Wickberg
> Technology Coordinator
> Brattleboro Union High School District # 6
> (802)451-3418
>
> -----------------------------------------------------------------------
>
> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT Archive
>
> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
> Subscription to SCHOOL-IT
>


-- 
Ben Leslie
*Coordinator of Technology*
Battenkill Valley Supervisory Union / Arlington School District

*Arlington High School*
P: 802-375-2589 ext. 165
*Fisher Elementary School*
P: 802-375-6409 ext. 261