08-25-2010 12:06 AM
We have four locations, fully meshed via IPSEC tunnels and running EIGRP.
Each location has has a dedicated WAN connection with a static IP address.
I'm looking for a solution where if one branch loses its dedicated WAN connection, it can dial into the local ISP and reestablish its tunnels. The IP it receives via dialup will be dynamic.
I've considered DMVPN, however it seems to me that if the hub is lost, the spokes will be unable to establish spoke-to-spoke connections since they will be unable to resolve next-hop.
Is there another solution that I haven't found?
Many thanks.
08-25-2010 04:01 AM
hi dan
i am not quite sure if i understood ur requirement
r u going to configure sla monitoing on each interface???
so if i understand right u have a hub and spoke topology wherin u want the tunnel to come up via a back up link whenever ur wan link goes down
if so what is the nature of ip's u have are they static or do u get a different ip everytime
08-25-2010 04:11 AM
There will be no SLA monitoring.
Basically what we want is a fully meshed network, that can use dial backup to maintain the tunnels without having to use DMVPN.
The IP addresses we have are static on the WAN links but dynamic on the dialup.
Dan
08-25-2010 06:03 AM
try making loopback interface and terminate vpn tunnel on that interaface
now make a gre tunnel interface with source as loopback and destination as the remote loopback address
that way irrespective of which internet link is active your tunnel will work, but what i dont understand how will you make the failover of isp preemptive without sla monitor. i mean without sla monitor you will have to fall back manually
however you will need to give public ip to loopback
i have not tried it out, you might want to try this out first in your lab setup
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide