Solved: site to site vpn cisco 1811

shivudu1984 · ‎11-01-2012

Hi Guys

Two sites are on MPLS connection and things are working great. Now am looking to connect a second ISP and create a fail-over site-site VPN. If the primary ISP fails (in case of a complete blackout at an ISP level which is unlikely to happen but just in case) then MPLS should fail-over to site to site VPN which will be completely on a different secondary ISP. Can someone provide me options like if I should use ospf, bgp or ip sla? if tracking is involved how can I monitor the MPLS? is it same as just interface tracking or any special routing required? etc et... your help is greatly appreciated.. Thanks..

Javier Portuguez · ‎11-01-2012

Hi,

It actually depends on what is already working.

I usually do it with IP SLA if there is no Routing Protocol running, so OSPF, BGP are always my first option.

The IP SLA settings should be the same, just point to an available IP address reachable across the primary connection and track your Routes using this instance.

In terms of VPN, just make sure the crypto map is on the secondary interface and it should do it.

HTH.

Portu.

Please rate any helpful posts.

View solution in original post

Javier Portuguez · ‎11-01-2012

Hi,