Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
805
Views
0
Helpful
4
Replies

VPN tunnel as a backup

i_lopez
Level 1
Level 1

‎07-09-2002 01:34 PM - edited ‎02-21-2020 11:55 AM

We have a site with a cisco 2621. A serial interface connected to the brach office (cisco 7500) with a dedicated line. A fastethernet interface connected to an ADSL Internet access. And another fastethernet interface connected to the lan.

At the branch office we have a VPN Concentrator 3000.

We need a solution using VPN tunnel between the VPN Concentrator and the small office when the leased line fails.

Regards,

Carlos Welhous.

Labels:
0 Helpful
4 Replies 4

ciscomoderator
Community Manager
Community Manager

‎07-16-2002 01:47 PM

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

0 Helpful

vcjones
Level 5
Level 5

‎07-22-2002 07:49 AM

Backup via VPN is possible, but non-trivial. You can think of the VPN as an alternate, higher-cost link or as a dial-on-demand link (in the end, they both are equivalent). You need a mechanism to detect that the serial link is down and a mechanism to reroute traffic via the VPN. The details will depend upon exactly what your network looks like and what kinds of traffic you need to support.

Some items to watch out for include: VPN setup, MTU reduction when the VPN is in use, routing protocol requirements for "neighbors," ensuring that both ends detect the need to alternate route, and acceptable use restrictions on the DSL line. Easiest (but not necessarily best) is to run a GRE tunnel across the VPN and run a routing protocol across both links, treating the GRE over VPN as just another dedictated, albeit high cost, link.

Good luck and have fun!

Vincent C Jones

0 Helpful

ndarnell
Level 1
Level 1

‎07-31-2002 06:28 AM

I've done this in the LAB using BGP but it's not simple and it can get messy.

The best solution will depend on your current setup, Routing protocols Etc

0 Helpful

bthornton
Level 1
Level 1

‎07-31-2002 09:18 AM

Your solution would be to establish a site-to-site vpn between you local-remote sites. Then setup floating static routes on your two routers that point to your respective networks that would kick in event the primary routes fail. I have used this as a backup for T-1 and ATMs connections.

0 Helpful
Customers Also Viewed These Support Documents