Partner/Extranet connections with failover best practices

Unanswered Question

We are trying to connect a partner to our network with support for dynamic routing and failover between a primary T1 connection and a backup Internet L2L IPSec connection. We use EIGRP internally, but because of the firewalls in between us and the partner, I don't believe that EIGRP end-to-end will work. How have other sites connected networks in this fashion? What is a good solution that offers dynamic failover between links when the link or the router goes down and the remote network becomes unavailable?

Attached is a brief diagram.

Thanks for the help!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Edison Ortiz Mon, 06/25/2007 - 12:42
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You can create a GRE tunnel between your office and the partner location. However, it sounds like both companies have different routing policies, so I recommend keeping things simple and configure BGP at each end. Once BGP is configured, redistribute the respective IGPs into BGP for routing exchange. BGP works quite well thru FWs since it uses the TCP protocol instead of multicast.


This Discussion