Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
458
Views
5
Helpful
6
Replies

ISDN backup for IPSec site-to-site

mljevakovic
Level 3
Level 3

‎01-13-2006 12:48 AM - edited ‎02-21-2020 02:11 PM

Does anybody know how to configure ISDN backup for IPSec site-to-site without GRE?

Labels:
0 Helpful
6 Replies 6

spremkumar
Level 9
Level 9

‎01-13-2006 03:38 AM

Hi

Can you revert back about your primary connectivity through which you are establishing the Tunnel ?

Also the number of sites involved in this tunnel formation ...

regds

0 Helpful

mljevakovic
Level 3
Level 3
In response to spremkumar

‎01-16-2006 04:35 AM

I have two locations between I set up IPSec site-to-site VPN. It works. Routers on these locations are 2811 and 1421 with ISDN module (WIC and NM card).I need backup lines between these sites in case if one of this site is not reachable over Internet (VPN).

Primary connection of this sites is ethernet (over wireless) with static IP addresses.

0 Helpful

spremkumar
Level 9
Level 9
In response to mljevakovic

‎01-16-2006 04:53 AM

Hi

I can suggest to make use of Object tracking facility availble in the IOS to trigger the ISDN link when the primary ethernet link goes down.

Since the primary tunnel is over the ethernet link you need to have either object tracking facility enabled to detect the failure or else to have a GRE tunnel built over the link to detect that.

since you are not interested in the second option better try out with the first option.

configuring the ISDN bri will be based on the billing like which location needs to get billed for the establishing the outgoing calls made when the primary link is down.

do refer this link for more on object tracking feature avl in the ios..

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a00801541be.html

regds

0 Helpful

mljevakovic
Level 3
Level 3
In response to spremkumar

‎01-16-2006 05:12 AM

Thanks for the suggestion but if not problem for you (because this big document make me confuse) could you provide me an example for my scenario.

0 Helpful

spremkumar
Level 9
Level 9
In response to mljevakovic

‎01-16-2006 05:21 AM

Hi

Its a 3 step process creating the tracking rules under rtr prompt,applying it to the serial interface and an route-map to make the route invalid once the reachability goes off..

do find the config sample where both primary and secondary links are connected on ethernet ports..

interface ethernet 0

description primary_link

ip address 10.1.1.1 255.0.0.0

interface ethernet 1

description backup_link

ip address 10.2.2.2 255.0.0.0

rtr 1

type echo protocol ipIcmpEcho 172.16.23.7

timeout 1000

frequency 3

threshold 2

rtr schedule 1 life forever start-time now

track 123 rtr 1 reachability

access list 101 permit icmp any host 172.16.23.7 echo

route map MY_LOCAL_POLICY permit 10

match ip address 101

set ip next-hop 10.1.1.242

set interface null 0

!

ip local policy route-map MY_LOCAL_POLICY

ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123

ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

for more info on the same do refer this link where u got different scenarios discussed with different media types.

http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/products_feature_guide09186a00801d862d.html#wp1071672

regds

mljevakovic
Level 3
Level 3
In response to spremkumar

‎01-16-2006 05:45 AM

thanks again. i'll give you feedback about this.

0 Helpful
Customers Also Viewed These Support Documents