08-11-2023 10:19 AM
Hello
I am trying to set-up the following site-to-site configuration.
ENC are security devices that we must use. There is 1 x encrypted tunnel between ENC01-ENC02 and another between ENC03-ENC04. Between the two sites is an MPLS network. The 2 x tunnels are up and working across the MPLS.
We are looking to be able to route each site VLAN to the other site and if any one ENC / link fails, then traffic would automatically be routed over the other link. We are hoping GRE / EIGRP is the answer but struggling to set this up.
SW1 & SW2 are C9300 - here is the config of Tunnel 1:
# TUNNEL 1
site1# conf t
site1(config)# interface tunnel 1
site1(config-if)# tunnel source 10.10.10.1
site1(config-if)# tunnel destination 10.10.10.25
site1(config-if)# ip address 172.30.0.1 255.255.255.0
site1(config-if)# keepalive 3 5
site1(config-if)# end
# TUNNEL 1
site2# conf t
site2(config)# interface tunnel 1
site2(config-if)# tunnel source 10.10.10.25
site2(config-if)# tunnel destination 10.10.10.1
site2(config-if)# ip address 172.30.0.11 255.255.255.0
site2(config-if)# keepalive 3 5
site2(config-if)# end
# advertise networks
site1# conf t
site1(config)# router eigrp 10
site1(config-router)# network 192.168.10.0 0.0.0.255
site1(config-router)# network 192.168.20.0 0.0.0.255
site1(config-router)# network 192.168.100.0 0.0.0.255
site1(config-router)# network 172.30.0.0 0.0.0.255
site1(config-router)# end
# advertise networks
site2# conf t
site2(config)# router eigrp 10
site2(config-router)# network 192.168.11.0 0.0.0.255
site2(config-router)# network 192.168.21.0 0.0.0.255
site2(config-router)# network 192.168.101.0 0.0.0.255
site2(config-router)# network 172.30.0.0 0.0.0.255
site2(config-router)# end
Even without adding the eigrp conf, I'm unable to ping the other switch. Any help would be really appreciated.
Thanks
08-11-2023 10:33 AM
I Send you private message
08-12-2023 01:24 PM
We do not have enough information to be able to give good advice. As a start what can you tell us about 10.10.10.1 and 10.10.10.25?
From site 1 can you ping 10.10.10.25 source 10.10.10.1? And from site 2 can you ping 10.10.10.1 source 10.10.10.25?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide