ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
374
Views
0
Helpful
0
Replies
Highlighted
Beginner

ASA dual-path: IPSEC & frame-relay

Greetings; 

I've read the notes in the following article, and I'm trying to do something similar, that I will describe...

https://supportforums.cisco.com/thread/2086955

I have a remote site to which I will build an IPSEC tunnel, terminated at the Outside Interface.   I also have a frame-relay conection to that same site, and that router is connected at interface "DMZ".  My prime path is going to be the IPSEC tunnel, and I understand it uses the ACL on the tunnel to 'route' traffic into it.  The backup path is going to be the frame-relay, using  a static route.    I might not even need to use the SLA-monitor method, since when the IPSEC tunnel goes down, the static route to the site over the DMZ interface (via frame-relay) will take over.    This begs the question:  what trumps what:   An ACL on an IPSEC tunnel, or a static route?    Which is preferred over the other?

I just need the primary path to be the IPSEC tunnel, and the backup path to be frame-relay.  --the path will move back to IPSEC when it becomes available again, after a failure....

Thanks!

Alex in MD.

Everyone's tags (3)