10-23-2020 10:51 AM
Hi all
me and a friend have setup a little network for a friend and it works fine. after that we snowballed thinking about stuff we could do in the future.
we came up with a setup (shown in de diagram) and think this could work although we have some questions we cant figure out.
On the wan side we have an ipsec tunnel to another router. The routes are static and have a different metric.
VPN1 is connected to the VRRP leader and VPN2 to the slave. If a packet is send to the DGW (VIP address of the VRRP) it should go to the upper router (the one with vpn1) but the WAN side or just the ipsec tunnels are offline. How is traffic routed to the 2nd router ??
I just cant figure it out.
im sorry if my questions are not that smart, im not a network expert.
KR
Pieter
10-23-2020 11:04 AM
VRRP has limited functionality, is there any reason you need only VRRP, or HSRP can be deployed?
here is an example :
10-23-2020 11:18 AM
Hi
Thanks for the reply. The setup is a mockup and not going to be used.
I Just want to Know if the system how we set it up is able to work and/or what need to be done/added to make it work.
Kr
Pieter
10-23-2020 11:32 AM - edited 10-23-2020 12:08 PM
Since you want stick on to VRRP and make corrections to work, then I was thinking you can have tracking of the interface and decrement priority slave(backup) to become master.
# track 1 interface x/x line-protocol (this can be VPN or Physical interface)
# vrrp 1 priority 120
# vrrp 1 track 1 decrement 15
also, suggest posting the configuration - what is configured so we can tweak.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide