01-26-2009 10:42 AM - edited 03-04-2019 12:59 AM
Dear all,
I have a DMVPN- hub to spoke scenario.Its working perfectly.
Hub-- 2821 router spoke -- 877 router.
spoke(877) is using an ADSL connection.
now i have a plan to provide back up link at spoke level, using AUX port to v.92 modem, suppose my ADSL link is down
it should dial a connection to internet and establish connectivity again, is that a possible option?
can anybody suggest a solution or any sample config.
i will rate all the posts.
Regards
Binoy
01-28-2009 06:06 PM
Hi Binoy,
Here is a link to configure DialOut over Aux port:
http://www.cisco.com/en/US/tech/tk801/tk36/technologies_configuration_example09186a0080094579.shtml
The main issue is you want to dial only when your ADSL is down. To do that you could use Object Tracking associated to your default route pointing to your primary Dialer interface. Then you add a floating default route pointing to your secondary Dialer interface (one mapped to the aux port).
With this configuration you don't need a 2nd tunnel interface as the backup is only at the tunnel routing plan so you just re-route your tunnel to another WAN interface.
When your ADSL link is back again, your tunnel is routed back to the primary Dialer interface (thanks to object tracking) and your dial connection should drop after the idle timer expires.
The thing is your Dial connection will be always UP the time your ADSL link is down because of your IGP running inside your tunnel which generate hello packets every x seconds
This link will help you to configure Object Tracking for static routes:
One more thing is I didn't test such solution so let me know if you go this way :-)
Thanks
Laurent.
01-29-2009 10:25 AM
thanks laurent
actually i do not have a second leased line or ISDN line at H.Q to dial into, there is only one leased line available at the H.Q, so basically once the adsl is down the aux port should connect to the same LL where the adsl was connected.
basically i'm providing redundancy at the spoke level only.
can you give more suggestions in this part.
Binoy
01-29-2009 07:56 PM
You don't need 2nd access at the HQ as your lease line is connected to Internet right ? So from your remote site which is also connected to Internet, it doesn't matter which link you are using as your tunnel destination address doesn't change and is the public address configured on your HQ leased line.
But I must admit now I'm thinking about it there is an issue with my solution because when your ADSL is down, you don't have any tunnel source address available because you lost the public IP address associated to your primary dialer interface.
In this case it's becoming more complex because you need another tunnel which use your secondary dialer interface as tunnel source address but you can't run an IGP inside otherwise your PSTN line will always be connected even when the ADSL is UP.
For this tunnel, I would forgot DMVPN and use a pt-2-pt legacy IPSec tunnel with static crypto-map on the remote site and dynamic crypto-map on the HQ as I assume you don't have fix public addresses on the remote site.
It's not a big deal on the remote site because each tunnel is associated to one interface (DMVPN -> ADSL and crypto -> PSTN)
But you will have to be carrefull on the HQ as both tunnels are using the same WAN interface so need to be sure there is no confusion between both tunnels... you can use RRI feature with dynamic crypto-map to implement your routing policy at the HQ.
Sorry to have missed that point :-(
Laurent.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide