Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
553
Views
10
Helpful
2
Replies

Cisco 831 - Dual connection to ISP ( VPN ) via Cable Modem and DsL

daharris
Level 1
Level 1

‎05-08-2003 04:29 AM - edited ‎03-02-2019 07:11 AM

Can an 831 be connected to both a Cable Modem ( primary ) and DsL connection ( failover ) to customer's VPN? If so, how?

Thanks,

Dave

Labels:
0 Helpful
2 Replies 2

mark-obrien
Level 4
Level 4

‎05-08-2003 05:44 AM

Dave,

The problem is having the router recognize when the cable modem link goes down. If the cable service provider is willing to run RIP with you, and only send a default route, the 831 will recognize that the cable modem link is down when it no longer receives the default route from the cable provider.

Another problem is that the 831 does not have a DSL interface. You will need a second router to terminate the DSL. Set this router up to a) run RIP with the 831, and b) have a default route with admin distance greater than 120 toward the DSL, and re-distribute this default with a metric higher than the one that the 831 receives from the cable modem ISP. Run HSRP between the two routers for added fault-protection.

If the cable provider will not run RIP, I don't see a way of doing what you want.

Good luck.

Mark

0 Helpful

jdiegmueller
Level 5
Level 5

‎05-08-2003 01:20 PM

A single Cisco 831 could not meet this need, because each broadband service typically needs to be terminated separately on separate logical interfaces.

While you may be able to work something up real hokey with secondary addressing, typically these residential broadband services use PPPoE (DSL) or DHCP (DSL, Cable) and thus you wouldn't be able to work it out. So my recommendation would be two Cisco 831s side-by-side.

In your particular scenario, the customer is not worried about "Internet" access as a whole but primarily concerned about ensuring there is a working VPN back to the coroporate HQ. As such, if you had two Cisco 831s, you could do the following:

- Each Cisco 831 would terminate one of the services (DSL or Cable)

- Each Cisco 831 would have a GRE-over-IPSec tunnel back to the head end VPN aggregation point for the Corporate network (GRE requires the Plus Feature Set)

- You could run a routing protocol (such as EIGRP) across that GRE tunnel (EIGRP also requires the Plus Feature Set). Additionally, you would also run EIGRP between the two Cisco 831s on the LAN side.

- Weight your EIGRP metrics (bandwidth and delay by default) such that the Cable GRE tunnel is preferred over the DSL (and vice versa).

- Lastly, you would also configure HSRP on the LAN, with the Cable side having the higher HSRP priority.

Combined with a default route that you get from PPPoE or DHCP, this GRE-over-IPSec will give each router the knowledge of whether or not the GRE tunnel (encrypted with IPSec) is operational end-to-end and the necessary knowledge to forward traffic down the link of the right provider.

I feel this approach would protect the customer site from link, serivce provider network, and hardware failure, and depending on the exact customer requirements could meet your needs.

Customers Also Viewed These Support Documents