Generally speaking a better

eddie.sardinha · ‎01-03-2016

Hi All,

In our branch office we are using Verizon MPLS for internal traffic as well as internet. As you can imagine the internet bandwidth is limited as we only have around 3mbps with the MPLS. I purchased a cisco ASA 5506 and set up a site to site VPN for internal resources and connected a secondary ISP for internet. The internet goes out through FIOS 75/75 and internal traffic goes over the VPN (spit-tunnel).

What I need to know is how can I switch back to MPLS if I needed to? Verizon is unable to access their router because all internal traffic is going over the vpn. Is this something that can easily be done to switch back and fourth when I need to?

Thanks,

Marvin Rhoads · ‎01-03-2016

Generally speaking a better route will switch traffic back. I assume you have a default route out of your network via the inside interface of the ASA 5506. It then has a default route out to the Internet via your local ISP.

If you put a more specific route (i.e. something better than 0.0.0.0 0.0.0.0 default route) in your local routing table that will make the traffic prefer that path.

Depending on what the local infrastructure is, where that route is activated varies. If, say you have a core or single layer 3 switch, you put it there.

You can make it switch over semi-automatically using something like an IP SLA monitor that gives you a tracking option that is then use in a backup static route.

A diagram or more complete explanation of your branch office network would allow us to give a more specific recommendation.

How to switch between MPLS & site to site vpn