Terminate 2 ISP on Single router for L2L VPN

anthony.dyne · ‎04-14-2012

Hi

I wanna terminate 2 ISP on the same Router and dedicated for Site to Site VPN to HQ. How to configure two default gateway for two ISP connection

Both IPSEC VPN tunnel will point to HQ, currently one ISP is terminated on the Router and L2L VPN with HQ is ok

Hope to get some help

Config

=====

crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

!

crypto isakmp policy 10

encr 3des

hash md5

authentication pre-share

group 2

crypto isakmp key cisco address 85.12.x.x

crypto ipsec transform-set VPN esp-3des esp-md5-hmac

crypto map VPN8 10 ipsec-isakmp

set peer 85.12.x.x

set transform-set VPN

match address VPN

interface FastEthernet0/0

description Link_To_ISP

ip address 40.x.x.x 255.255.255.252

ip nat outside

ip virtual-reassembly

duplex full

speed 100

crypto map VPN8

!

interface FastEthernet0/1

description Link_To_ISP2

ip address 196.x.x.x 255.255.255.252

ip nat outside

ip virtual-reassembly

duplex full

speed 100

crypto map VPN8

shut

interface FastEthernet0/1/0

description connected to LAN

duplex full

speed 100

!

interface FastEthernet0/1/1

!

interface FastEthernet0/1/2

!

interface FastEthernet0/1/3

!

interface Vlan1

description connected to LAN

ip address 172.20.1.1 255.255.255.248

ip nat inside

ip virtual-reassembly

!

ip local pool ippool 172.25.233.10 172.25.233.70

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 40.x.x.x

ip route 172.20.20.0 255.255.255.0 172.20.1.2

cheers

Anthony

Pawan Sharma · ‎04-15-2012

Hi,

You can use the same router to terminate 2 ISP links but you wont be able to do load sharing when it comes to VPN tunnels. So, You can use IP SLA to configure failover on ISP links and VPN traffic.

Regards,

Pawan S

http://www.ebrahma.com

Regards,
Pawan Sharma
https://itgears.io