Vpn Site to Site needs backup link

Unanswered Question
Feb 9th, 2007

Hello Experts,

I have a Vpn network already connected. It is a site to site vpn connection. I will be getting a separate ISP link in case my primary line fails. (Connecting via regular rj45 ethernet cable)

Is there any special parameter/configuration that I need to do the change when the primary fails? Does the change happen automatically or do I have to do it manually.

Any link or explanation with the information is appreciated.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Kamal Malhotra Fri, 02/09/2007 - 16:15

Hi Randell,

I'm replying with the following assumptions :

1. The device in question is a Cisco router.

2. Both the links are terminating on the router.

This is what you need to do :

1. Configure a secondary default route with a higher AD. E.g. : ip route x.x.x.x 10

2. Bind the crypto map with the secondary interface.

3. Configure a secondary peer IP on the remote device.

Hope this helps.



ranbeckycr Tue, 02/13/2007 - 12:01

Hello Kamal,

Thank you for your response and sorry didn't answer before.

1- How do I configure a secondary peer? Is it as simple as just configuring another VPN Tunnel?

2- Will the router detect automatically if the link goes down and take the route with the higher AD??

Appreciate any comment on this question.



Kamal Malhotra Tue, 02/13/2007 - 12:51

Hi Randall,

No problems.

1. It needs to be configured on the headend device, not on the local router. Since I don't know what the device is, can't send you the exact steps.

2. Yes. If the link goes down physically then it will route via the backup interface but if something is wrong on the way, then it will not be able to.



ranbeckycr Tue, 02/13/2007 - 19:51

I really appreciate your help here.

Some more information for question #1.

Locally it is a Cisco Router. (on the local router I'm assuming I need to configure 2 VPN tunnels, one for each interface.)

The peer router is a Cisco Router as well.

Since both routers are Cisco do you have a link or perhaps an old example config of what needs to be configured locally and on the peer device?

Appreciate all the help.



This Discussion