Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
744
Views
0
Helpful
4
Replies

isdn backup for vpn-connection

m.unterhofer
Level 1
Level 1

‎10-21-2002 04:10 AM - edited ‎02-21-2020 12:08 PM

is there a solution to back up a vpn connection with an isdn dialup connection. it often happens that the vpn-connection to some branches fail. as the link to the internet remains up a normal backup-dialer doesn't work. i would need a possibility to check the reachability of a certain ip-address and if neccessary bring up the isdn-connection.

thanks

martin

Labels:
0 Helpful
4 Replies 4

ropdebeke
Level 1
Level 1

‎10-21-2002 09:08 AM

You might check the dialer-watch command in IOS.

Whith Dialer-watch lists you can examine remote subnets and let them trigger a dialup interface ( You should however run Eigrp or OSPF )

Roger

0 Helpful

rlcarr
Level 1
Level 1

‎10-23-2002 06:04 AM

What you may wish to do is to establish a GRE tunnel between your two end-points. You can then monitor the remote end of the tunnel. (if you lose connectivity anywhere in between your tunnel will go down).

Now you have the option of either sending a default route down the tunnel or a weighted static route out your BRI (I'm assuming your BRI is on the same box)

Now what you have to worry about is, at your main store does it know which path to use to get back to the branch if your ISDN terminates in a seperate box than your GRE. In this case you would be better off using a routing protocol over static routes.

Here is a link that will help:

http://www.cisco.com/warp/customer/707/gre_ipsec_ospf.html

Cheers,

~rlc

CCNP, CCDA, CNE

0 Helpful

wolfram.girg
Level 1
Level 1
In response to rlcarr

‎01-14-2003 08:43 AM

Is it possible to terminate a GRE connection on a Pix Firewall ?

If you have a setup with a Pix Firewall which is holding the IPSEC tunnel to the HQ and you have an extra ISDN backup router in the same LAN? Which possibilities for backup you have with this szenario ?

Thanks 4 help

0 Helpful

vcjones
Level 5
Level 5

‎01-14-2003 11:12 AM

There are multiple solutions to this challenge, depending upon whether the IPSec endpoints and the routing endpoints coincide. There are two example configurations in the Redundant VPN whitepaper on my web site (http://www.networkingunlimited.com/white009.html). One uses generic tunnels and OSPF with the routers doing both routing and IPSecing, just replace one of the VPN links with an OSPF demand ISDN link or use dialer watch. The other uses BGP between routers over an IPSec between firewalls (not to be confused with BGP with an ISP for multihoming). Using BGP directly over IPSec eliminates the need for a GRE tunnel (and the consequent reduction in MTU).

Good luck and have fun!

Vincent C Jones

www.networkingunlimited.com

0 Helpful
Customers Also Viewed These Support Documents