I'm going to assume these WAN

sameer-parvaiz · ‎02-25-2016

Hi Everyone,

Hope you are fine and doing well, I have a confusion regarding following DMVPN design will it work or not, following is the situation

DMVPN hub has two WAN interfaces which are further connected to same ISP and get live IP's from service provider

Two tunnels have been configured on hub router and one has WAN 1 as source interface and 2nd one has WAN2 interface as a source interface

initially, all traffic is flowing through WAN interface and all sites VPN tunnels are terminated with WAN 1 interface

IP SLA is configured to track WAN 1 interface and its default route

All remote sites configured with both hub end tunnels and route traffic with tunnel 0 which is terminated with WAN 1 interface

My question is if WAN interface will get any issue then VPN tunnel will shift to WAN 2 interface while IP SLA change default route in the routing table

and if WAN 1 one will come back then will VPN traffic will shift back on WAN 1 Tunnel 0 ?

is it possible if yes then what is the best way

Thanks in Advance

Sameer

Philip D'Ath · ‎02-26-2016

I'm going to assume these WAN interfaces are directly Internet connected.

The easiest way to get this to work nicely is to place the second Internet circuit into a vrf. Then it can have its own default route permanently loaded.

Here are a couple of guides explaining the configuration.

https://supportforums.cisco.com/document/62471/using-vrfs-segregate-dmvpn-clouds-hub

http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/ngwane/ngwanedmvpn.pdf

You can also use IP SLA to control the default route - but that is not a very nice config. Using a VRF on the second Internet circuit will work rock solid reliable by comparison.

DMVPN Hub with two WAN links from one ISP