cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1642
Views
0
Helpful
6
Replies

Internet Failover Between Sites

Hi All,

I'm trying to setup Internet redundancy between two offices, so should one office lose internet connectivity, Internet connectivity will resume via the other office.

The company has two office's which are connected via a wireless/microwave link. At each office there is a Cisco 1811 router, the Cisco's connect to an ISP circuit (FE0), FE1 is the link to the wireless devices and the internal LAN at each office is connected to the 8 port switch on the 1811.

I have setup redundancy between the offices using a VPN tunnel and EIGRP. If the wireless/microwave link goes down, the offices can still communicate via the VPN tunnel. For the internet failover, I have configured an IP SLA on both devices & also used "redistribute static metric" command in EIGRP. When I test the Internet failover, I can see the routing table updates as I expect and I can ping out to the devices on the Internet but I am unable to access HTTP(s) sites. Could someone, please, advise where the issue might be, I find it strange that I can ICMP traffic works but HTTP(s) does not.

Thanks in advance!

6 Replies 6

Sudeep Valengattil
Cisco Employee
Cisco Employee

Is the DNS working.?

RAMACHANDRA R
Level 1
Level 1

Hi

what kind of tunnel you have between offices ? Is this Ipsec tunnel or GRE tunnel, if GRE you may required to adjust tcp mss on both side of the interface to have HTTP(s) sites access.

The command will be similar to below

interface tunnel xx

ip tcp-adjust mss 1436

Rgds

Rama

Hi Sudeep & Rama,

Thanks very much for replying!

DNS is working fine when we are testing the Internet failover, we can ping websites via name and IP.

Regarding the VPN tunnel, I have setup a GRE tunnel but I don't think I need to adjust any interface settings as when Internet goes down at one office, connectivity should resume via the other office Internet circuit. The primary link between the two offices use the wireless/microwave link and not the GRE tunnel.

Thanks

i agree with Rama maybe the TCP mss or mtu

have a look at the bellow link

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml

HTH

Hi Michael,

Can you post the config of any sites please.

Rgds

Rama

Hi

I have attached a very basic network diagram and the config from the head office.

Thanks in advance!

Michael

Review Cisco Networking for a $25 gift card