04-27-2018 02:31 AM - edited 03-05-2019 10:21 AM
Hi Everybody
All our remotes sites are connected to our main datacenter via MPLS IPVPN, and for one of these remote sites, we had an additional ADSL connection installed for resiliency. And an IPSEC tunnel has being configured between remote and head office ASA. Have disabled RR on both ends. Redistribute Static configured on the head office FW to EIGRP. Manually added a static route with a higher AD. So once the MPLS connection goes down, and IPSEC tunnel is formed. So no issues. However when the primary connection comes back. EIGRP doesn't switch back to the MPLS route, but prefers the IPSEC path, due to a lower metric, that gets redistributed to the core with an AD of 170.
I know there are a few options like offset lists, redistribute the static with a metric, or a route map.
The config will need to be made on the HO firewall, so what would be the preferred choice.
Any advice would be much appreciated.
04-27-2018 05:27 AM
Hi
My suggestion is use IP SLA to be monitoring the connectivity to MPLS, once it is up an EEM script could be executed automatically in order to modify the static route metrics to set up them with higher.
Hope it is useful
:-)
04-27-2018 06:12 AM
Thanks Julio, this is something we haven't though of, the scripting side. Would there be any reference from Cisco regarding this method, as I am fairly new to this field, and haven't done any EEM scripts on live environments.
04-27-2018 06:55 AM
Hi
There is information about EEM on the Cisco Website, now I could share an example imagining your scenario.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide