Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
436
Views
0
Helpful
1
Replies

Dial Backup for VPN

l.cabral
Level 1
Level 1

‎06-19-2003 03:04 AM - edited ‎02-21-2020 12:37 PM

Hi,

I need to implement a backup mechanism for an ipsec VPN. This is for a small soho so I think in buying a 837 adsl router, so when adsl goes down, the alternative path should become avaiable. The backup possibilities are: using an analog modem attached to the console port or redirecting traffic to another local router (from another vendor, when it receives traffic to the other network it will establish a link).

I need some suggestions about the best way/hardware/config tip for accomplishing this.

Thanks in advance,

Leonardo

Labels:
0 Helpful
1 Reply 1

vcjones
Level 5
Level 5

‎06-20-2003 04:53 PM

The challenge with a VPN tunnel is to detect when it is down so that an alternate route can be selected. An ADSL interface almost never goes down, so classical dial backup approaches such as backup interface won't work. You must use an approach which tracks availability of the other side based on a routing protocol or "outside information." Cisco does not support the latter (but look at Nexland Pro800 Turbo or Symantec 200R for an example of how ping can be used to do the job).

Using Cisco kit, your only choice is running a routing protocol, which requires a router at each end of the VPN. You can use BGP directly over the VPN, or any interior routing protocol (EIGRP, OSPF, RIP, etc) over a GRE tunnel. Last time I looked, only the GRE tunnel approach is documented here on CCO, but there is a white paper with an example of each approach on my web site.

Good luck and have fun!

Vincent C Jones

www.networkingunlimted.com

0 Helpful
Customers Also Viewed These Support Documents