Advice - Plz Help

Unanswered Question
Feb 12th, 2009
User Badges:


I need advice on how to setup DMVPN for the following scenario






DC#1 is connected to DC#2 via MPLS using BGP

BO#1 is connected to DC#1 with GRE Tunnel over IPSEC (( Routing protocol OSPF at both sides ))

I dont know how to configure BO#1 to establish GRE TUNNEL over IPSEC with DC#2 and send traffic only when connection is lost with DC#1

Failover Scenario for GRE-Tunnel Over IPSEC for Branch-Office Setup.

DC#1 and DC#2 have 3840 Router and 6MB Internet Link


branch office have 2800 Router and 2MB Internet Link

Can someone please assist with a cisco doc link for similar scenario or sample working config...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JamesLuther Fri, 02/13/2009 - 01:46
User Badges:
  • Silver, 250 points or more


The answer depends on if you're runnnig a routing protocol and which routing protocol you're runnning.

From the branch office then all you need to do is route traffic to Tunnel1 interface to send traffic to DC#1 and the Tunnel2 interface for DC#2.

To make this dynamic then you need to either put a floating static pointing towards Tunnel2 (ie static route with a higher admin distance), or run a routing protocol back to your DCs and control the routing that way.


JamesLuther Fri, 02/13/2009 - 01:53
User Badges:
  • Silver, 250 points or more


A floating static config would be something like this

ip route Tunnel1

ip route Tunnel2 250

Where is the DC Network

Tunnel1 is GRE tunnel to DC#1

Tunnel1 is GRE tunnel to DC#2

250 = Admin distance of floating static


JamesLuther Fri, 02/13/2009 - 02:03
User Badges:
  • Silver, 250 points or more


Sorry I just noticed that you siad you're running OSPF from the BO to the DC.

In that case just setup OSPF to DC2 in the same way as DC1 and add "ip ospf cost 500" to the tunnel interface to DC2


ronald.ramzy Fri, 02/13/2009 - 13:25
User Badges:

Thanks for the information.

How to configure Branch-Office for DC#2 with minimum configuration

Can you help with Cisco-Doc-Link for Scenario where its 2HUBS and Multiple spokes using GRE with IPSEC


This Discussion