I am going live soon with a new failover configuration utilizing IP SLA monitoring. I have tested my configuration as best I could in GNS3 and was hoping someone could take a quick look at what I've done before I go live. Any help is greatly appreciated! Here is a brief overview:
- 3 remote locations connected over Verizon EVPL circuits
- Each office has its own internet connection behind an ASA 5510
- Each ASA has a VPN tunnel pointing to each other
- I verified that the other router configs mirror each other, save for the addressing
- Full router configs are attached to the post in case anyone wants to see them

! Probe 1: the source interface is the EVPL interface to Office #2
ip sla monitor 1
 type echo protocol ipIcmpEcho 172.20.254.2 source-interface FastEthernet1/0.1741
 timeout 2000
 frequency 5
ip sla monitor schedule 1 life forever start-time now
! Probe 2: the source interface is the EVPL interface to Office #3
ip sla monitor 2
 type echo protocol ipIcmpEcho 172.20.254.3 source-interface FastEthernet1/0.1741
 timeout 2000
 frequency 5
ip sla monitor schedule 2 life forever start-time now
track 1 rtr 1 reachability
track 2 rtr 2 reachability
! Route to office #2
ip route 192.168.1.0 255.255.255.0 172.20.254.2 track 1
! Route to office #3
ip route 192.168.5.0 255.255.255.0 172.20.254.3 track 2
! Route to local ASA with backup VPN connections
ip route 0.0.0.0 0.0.0.0 192.168.0.2 20
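
The failover behaviour of the three static routes above, as an added example that is not part of the original post: a small Python model of route installation and longest-prefix match, used to check which next hop each office's traffic takes when a track object goes down. The track states are passed in directly (a simplification of the IP SLA probe), and the destination hosts are constructed sample addresses.

```python
import ipaddress

# Static routes copied from the post: (prefix, next hop, admin distance, track id)
ROUTES = [
    ("192.168.1.0/24", "172.20.254.2", 1, 1),      # office #2, tracked by track 1
    ("192.168.5.0/24", "172.20.254.3", 1, 2),      # office #3, tracked by track 2
    ("0.0.0.0/0", "192.168.0.2", 20, None),        # local ASA, untracked
]

def installed_routes(tracks):
    """A tracked static route is in the table only while its track object is up."""
    return [r for r in ROUTES if r[3] is None or tracks.get(r[3], False)]

def next_hop(dest, tracks):
    """Longest-prefix match; admin distance only breaks ties on equal prefixes."""
    addr = ipaddress.ip_address(dest)
    candidates = []
    for prefix, hop, distance, _track in installed_routes(tracks):
        net = ipaddress.ip_network(prefix)
        if addr in net:
            candidates.append((net.prefixlen, -distance, hop))
    if not candidates:
        return None
    return max(candidates)[2]

def failover_table(hosts):
    """Next hop per destination for every combination of track 1 / track 2."""
    table = {}
    for t1 in (True, False):
        for t2 in (True, False):
            tracks = {1: t1, 2: t2}
            table[(t1, t2)] = {h: next_hop(h, tracks) for h in hosts}
    return table

if __name__ == "__main__":
    # Constructed sample hosts: one per remote LAN plus one internet address.
    hosts = ["192.168.1.10", "192.168.5.10", "198.51.100.7"]
    for (t1, t2), hops in failover_table(hosts).items():
        print(f"track1={'up' if t1 else 'down'} track2={'up' if t2 else 'down'}")
        for host, hop in hops.items():
            print(f"  {host:15} -> {hop}")
```

In this model the default route is always installed, so the distance of 20 never competes with the /24 routes; it would only matter against another default route.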