Design Help with MPLS/BGP and Point to Point VPNs using OSPF as backup

kcordero_uvi · ‎07-01-2008

I need some advice on the configuration I want to implement. Basically we have a MPLS cloud using BGP. We are using OSPF for internal routing. Everything is working fine. Now we want to add a Point to Point VPN using new Cisco ASA's for a backup path at all of our remote locations. We want it to be on standby. I want to use OSPF for this. Miami and LA are datacenters. I want the VPN's to go into both datacenters if possible running OSPF for backups. I have a feeling this will be very tricky. I also wanted to use floating routes. Now I know I get the VPN's up and running using OSPF with no problem. Here are my questions:

But being that I am using different areas, will OSPF through the VPN work correctly? I have the Cisco PDF on setting this up but it looks like they are using the same, AREA0, in the example.

Can I get both VPN's to work with no problems? Or will it be too much of a pain?

What would you guys suggest?

Thanks.

hadbou · ‎07-07-2008

Refer to the following url for more info on configuring Point to Point VPNs on ASA:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/ike.html

bchoisser · ‎08-18-2008

We are implementing the same solution, and was only able to make this work using HSRP one router for the MPLS connection and one for the VPN tunnel. I opened a TAC case and the tech couldn't get it to work either. I was able to establish the Lan-2-lan tunnel but triggering the route update was the problem. We ended up pulling our ASA5505's out and putting in 1841 routers.