Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
485
Views
0
Helpful
5
Replies

Routing Traffic through site to site VPN

Michael McGrath
Level 1
Level 1

‎06-23-2017 01:18 PM - edited ‎03-05-2019 08:45 AM

Attached is a diagram of my setup. I have 3 sites each connected to each other with a site to site VPN. I'm looking for advice and a solution if one of the legs of the VPN were to go down.

For example if the connection between SiteA and SiteC were to go down, is there a way that SiteA and SiteC can still communicate through SiteB?

Labels:
site2site_1.jpg
Preview file
26 KB
0 Helpful
5 Replies 5

Georg Pauwen
VIP
VIP

‎06-23-2017 02:03 PM

Hello,

a full mesh DMPVPN would be an option, as described in the document below:

http://www.cisco.com/en/US/technologies/tk583/tk372/technologies_white_paper0900aecd801af458.html

0 Helpful

Michael McGrath
Level 1
Level 1
In response to Georg Pauwen

‎06-27-2017 06:19 AM

Would a DMPVPN work with ASAs? two of the gateways are 5512 and the other is a 5505

0 Helpful

pankajbhosale
Level 1
Level 1

‎06-25-2017 12:13 AM

Hi,

Assuming you have two physical links on all of your routers.

Example

Router A has two links

Link 1 connecting to router B

Link 2 connecting to router C

You can configure router  A to access router B & router C in scenario where one of your link is down.

How to do this?

Link 1 will have two tunnels configured, tunnel 1 connecting to router B and tunnel 2 connecting router C.

Link2 will have two tunnels configured in the same way you configured for link 1.

In the end make sure router A has routes for networks connected to router B & router C

Bye

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎06-26-2017 05:31 AM

For example if the connection between SiteA and SiteC were to go down, is there a way that SiteA and SiteC can still communicate through SiteB?

Sure can but it depends on routing being properly configured.

For example, if you were running a dynamic routing protocol, it should reconverge after the SiteA<>SiteC path is lost and communicate that SiteA and SiteC can reach each other via SiteB.

0 Helpful

Michael McGrath
Level 1
Level 1
In response to Joseph W. Doherty

‎06-27-2017 06:16 AM

I didn't know I could use dynamic routing for this setup, thanks.

every site's gateway is an ASA with a nat rule like this 

nat (any,outside) source static SiteA_Networks SiteA_Networks destination static SiteC_Networks SiteC_Networks no-proxy-arp route-lookup

I'm unsure of how the NAT will look with a protocol like OSPF, for example. I'm still looking into it, but any advice or articles would go a long way

Thank you

0 Helpful
Customers Also Viewed These Support Documents
Top