11-24-2009 12:03 AM - edited 03-04-2019 06:47 AM
Dear All Expert,
I would like to ask you some question about failover for HQ to Branches by VPN connection.
At HQ site i had Cisco router 2821 with Hwic-4ESW and At the Branch site i had Cisco Router 1841 with Hwic-4ESW.
From HQ to Branch we have 2 Wan link (2 ISP, one for Primary link and other one for Bakcup link), when the Primary link donw, the Back up link will be up aotomatically. I would like to ask you about configuration from HQ to Branch by VPN connecion ( primary and Back up link) how can i configure?
Best Regards,
Rechard_HK
Solved! Go to Solution.
11-26-2009 01:08 AM
Hi Rechard_hk,
Glad that command helping you.
1. Yes, the command must apply to both HQ and Branch. Else your Branch will have return route issue.
2. You can ignore GRE setup. This setup is for complex branch office network, after viewing your network diagram floating static route is the best resolution suit to your network environment.
Regards,
Tan
11-24-2009 12:08 AM
Hi Rechard_HK,
Do you have any firewall in between?
Regards,
Tan
11-24-2009 12:13 AM
Dear Tan,
No, don't have any firewall.
But At HQ i have core-swith 3560 for intervlan and Cisco Router 2821 connect to Core-swith 3560.
Thanks you for your question!!!
Best Regards,
Norung
11-24-2009 12:54 AM
Hi Rechard_hk,
Create GRE tunnel in both side to make your link redundancy.
For sample configuration visit: http://www.cisco.com/en/US/tech/tk827/tk369/technologies_configuration_example09186a00800946b8.shtml
Your case required to setup 2 x Tunnel for both router side. Since you have two ISP link.
Regards,
Tan
11-24-2009 01:32 AM
Dear Tan,
i'm not clear about GRE tunnel that you show me, could you let me know detail than this?
i'm not clear that i have 2 ISP, so how can i create tunnel GRE( how many GRE that i create at HQ and Branch because i have two ISP link)?
On your link that you send to me which point that it fail over?
Thanks you for your support!!!
Best Regards,
Rechard_HK
11-24-2009 08:20 AM
Hi Rechard_HK,
Do you have a network diagram? then i can propose the better solution.
Regards,
Tan
11-25-2009 02:19 AM
Dear Tan,
Please see in the attach file.
Best Regards,
Rechard_hk
11-25-2009 02:22 AM
11-25-2009 08:39 PM
Dear Tan,
Do you have update?
Best Regards,
Rechard_HK
11-26-2009 12:13 AM
Hi Rechard_HK,
The answer to your question is floating static route. You can configure two static routes, one pointing to the first leased line and the other pointing to the second leased line. Suppose these lines are connected to F0/0 and serial F0/0/0 interfaces. Then your static routes would look like
Ip route 0.0.0.0 0.0.0.0 F0/0
Ip route 0.0.0.0 0.0.0.0 F0/0/0
This will load balance the traffic between the two lines. If you don't want load balancing, and want second line purely as backup, then your configuration would look like –
Ip route 0.0.0.0 0.0.0.0 F0/0
Ip route 0.0.0.0 0.0.0.0 F0/0/0 150
The 150 command in the second route here tells the router that the administrative distance for the second route is 150 (for normal static route it is 1). So the second route has a less preference than the first route, and should only be used when the first route fails.
Regards,
Tan
11-26-2009 12:49 AM
Dear Tan,
Very thanks you for you help me!!!
i got command that you give me, so i would like to ask you some question that:
1- Do i need add two comand stastic route at HQ and Branch or just add two stastic router only HQ?
2- when i used stastic router, we don't need to use GRE that you show me last time?
Best Regards,
Rechard_hk
11-26-2009 01:08 AM
Hi Rechard_hk,
Glad that command helping you.
1. Yes, the command must apply to both HQ and Branch. Else your Branch will have return route issue.
2. You can ignore GRE setup. This setup is for complex branch office network, after viewing your network diagram floating static route is the best resolution suit to your network environment.
Regards,
Tan
11-29-2009 05:59 PM
Dear Tan,
Thank you again for your time and fully support!!!
In the future, if i have any problem or i have some quetion want to ask you , so How can i ask you?
Best Regards,
rechard_hk
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: