failover routing

Unanswered Question
Feb 18th, 2009

got a client running a point to point T1 circuit between two offices on cisco routers. They also have a VPN tunnel between the same two locations running on watchguard firewalls. They want to setup failover in the event the point to point circuit goes down the two offices will communicate using the VPN tunnel.

I have the following config in the router. I can get the tunnel on the router to come up but when I bring down the point to point the tunnel doesn't failover to the VPN tunnel.


e0 inside

s0/0/0 ptp



Source Loopback0 Destination

EIGRP 1068 Dist-list 90 out Tunnel0

IP Access-list 90 permit

IP route 180

Watchguard LAN IP






source Loopback0 destin

EIGRP 1068 Dist List 90 out Tunnel0

IP access-list 90 permit

IP Route 180

watchguard LAN IP

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Giuseppe Larosa Thu, 02/19/2009 - 14:42

Hello Jason,

I would suggest to post a filtered version of the configuration of your routers including your config of the VPN tunnel.

Do you mean you have GRE inside IPSec or the VPN tunnel is only the GRE tunnel ?

And are the watchguard configured to allow GRe packets between that specific ip addresses ?

Hope to help



This Discussion