Redundant routes

Unanswered Question
Jul 17th, 2007

I have a remote site that is connected to my NY office via Sprint MPLS using what they call a halt-tunnel. I have a redundant circuit installed with a PIX at the remote location and set a default route on the router of the primary circuit using 3 as the admin distance. This works in directing the Internet traffic out properly; however, I have set up a site-to-site VPN which comes up but the return traffic is lost. What can I do to set my PIX in NY to point the traffic to the correct route?

spremkumar Tue, 07/17/2007 - 19:54

Hi

Can you post a simple diagram representing your network with respective connectivities mentioned?

regds

frelaxx Wed, 07/18/2007 - 06:02

Here is a simple drawing of the setup. Be aware that the path through the Sprint cloud is the primary path and the IPSec tunnel is the redundant path. I have set an alternate default gateway on the primary router in the remote site to point to the IPSec circuit if the primary is unavailable. I tested this by failing the main line and I was able to get Internet traffic. I created interesting traffic by sending pings and the IPSec tunnel came up okay. However, I didn't receive responses to the pings.

Can I set a parameter on the NY PIX to direct the traffic back to the remote site in this configuration when a failure occurs on the primary circuit?
