Hi Oleg, Thanks for your

Wei Kwong Ong · ‎03-11-2015

Hi fellow experts,

I have been told by the customer that, they have a DTS fiber optic to connect between HQ and branch, Cisco 2911 on both side. They also have a WAN link which connect to a ISP as a backup link. When the DTS fiber link fails, they manually unplug and plug in the cable from the Cisco 2911 router to the ISP router.

Now, the customer wish to make this process automatically, where the DTS fiber optic remain, and also have the connection to the WAN via VPN. Can it be done? What is the solution?

Please find the attachment for reference.

Oleg Volkov · ‎03-11-2015

Hello!

If You use L3, You can use tunnel via WAN and EIGRP.

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog

Wei Kwong Ong · ‎03-11-2015

Hi Oleg,

Thanks for your comment.

Cisco 2911 is a L3 router isn't? Tunnel? VPN tunnel?

Can be done by uing routing protocol such as EIGRP?

Oleg Volkov · ‎03-11-2015

Yes.

You can configure VPN tunnel, and EIGRP routing.

EIGRP automatic change route, if primary link go to down

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog

Wei Kwong Ong · ‎03-11-2015

Thanks Oleg,

Do we need fix IP on both side to build VPN tunnel on top of ISP WAN link?

Oleg Volkov · ‎03-11-2015

Yes.

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog

Wei Kwong Ong · ‎03-11-2015

Thanks Oleg,

Do you have a sample configuration to do EIGRP active/standby link failover?

Oleg Volkov · ‎03-11-2015

I can write sample slightly later but today!

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog

Wei Kwong Ong · ‎03-11-2015

Thank you in advance!

Oleg Volkov · ‎03-11-2015

You can do next:
For example Your interfaces on first router:
Gig0/0.1 ip address 10.0.0.1/24 link to second router
Gig0/0.2 ip address 10.10.0.1/24 Inside network
Gig0/0.3 ip address 81.23.123.77/30 WAN

router eigrp 10
network 10.0.0.0 0.0.0.255
network 10.10.0.0 0.0.0.255
network 10.20.0.0 0.0.0.3

Int Tunnel1
ip address 10.20.0.1 255.255.255.252
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source 81.23.123.77
tunnel destination 81.23.10.2
tunnel mode gre ip

For example Your interfaces on second router:
Gig0/0.1 ip address 10.0.2.1/24 link to second router
Gig0/0.2 ip address 10.10.2.1/24 Inside network
Gig0/0.3 ip address 81.23.10.2/30 WAN

router eigrp 10
network 10.0.2.0 0.0.0.255
network 10.10.2.0 0.0.0.255
network 10.20.0.0 0.0.0.3

Int Tunnel1
ip address 10.20.0.2 255.255.255.252
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source 81.23.10.2
tunnel destination 81.23.123.77
tunnel mode gre ip

Also, You can use bandwidth on Tunnel interface like:

bandwidth 10000

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog

Failover link between HQ and Branch