Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
790
Views
0
Helpful
4
Replies

GRE Tunnel redundancy over Reduntant WAN link using SLA Monitoring

sreeraj.murali
Level 3
Level 3

‎11-21-2016 07:27 AM

Hi,

Request some ones inputs in configuring GRE Tunnel redundancy on Cisco VPN Router over Multiple WAN Links. I read, it is possible using SLA Monitoring. Please provide with the Cisco online documentation guide in achieving the same.

Or else, please suggest other ways to achieve the same, if not using SLA Monitoring.

Thanks & Regards

Sreeraj Murali

Labels:
0 Helpful
4 Replies 4

nspasov
Cisco Employee
Cisco Employee

‎11-21-2016 11:09 AM

Hello Sreeraj-

Are you able to run dynamic routing protocol over the GRE tunnels? If so, you can explore running something like EIGRP and use dynamic routing for things like failover, load-sharing, etc. 

I hope this helps!

Thank you for rating helpful posts!

0 Helpful

sreeraj.murali
Level 3
Level 3
In response to nspasov

‎11-21-2016 11:21 PM

Hi Neno Spasov, We do advertise the networks over the tunnel using EIGRP routing. We need to have the Tunnel choose the active Internet leased line interface, at the local site. How we can achieve that. Please share any Cisco documentation, if you have. Thanks, Sreeraj

0 Helpful

nspasov
Cisco Employee
Cisco Employee
In response to sreeraj.murali

‎11-22-2016 10:06 AM

EIGRP will automatically load balance over 6 equal-cost links/paths. Thus, if you have EIGRP running over both tunnels then your EIGRP table/topology should be showing two equal routes to those networks. You can confirm this by issuing show ip route eigrp and show ip eigrp topology

If that is the case then all you will need to do is make one of the tunnel interfaces less preferred than the other in EIGRP. You can accomplish this by manipulating one of the EIGRP metrics that is used to calculate the cost. One of the easiest way to do this is to alter the bandwidth or the delay on the tunnel interface. 

For more information on this you can reference the following link:

http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/13673-14.html

I hope this helps!

Thank you for rating helpful posts!

0 Helpful

sreeraj.murali
Level 3
Level 3
In response to nspasov

‎11-23-2016 07:57 AM

Hi, Thanks for suggesting. This solution will help, if we have multiple tunnel configured.

I am here trying to explore the option of having "single tunnel" "using multiple source Interface" each from different Service provider" at the our local side. Hope you are clear on the scenario.

Please find the below link,which clarifies the topology. Instead of Cisco ASA, we are having Cisco Router.

https://supportforums.cisco.com/sites/default/files/legacy/0/5/2/85250-VPN%20redundancy%20network%20diagram.png

Please suggest.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents