Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
248
Views
0
Helpful
2
Replies

Site to SIte WAN Routing/Failover

csco11142276
Level 1
Level 1

‎07-02-2009 04:17 AM - edited ‎03-04-2019 05:18 AM

Experts,

Need your assistance again. I have a customer who has recently migrated leased lines based WAN with Internet based VPN connectivity.

Part 1 Requirements:

Each site has a primary (ADSL2+) and a secondary (SDSL) connection to the internet. In normal operation encrypted VPN tunnels carry only internet traffic via the SDSL connections to the other sites, all other traffic uses the ADSL2+ connection. This is currently installed and stared working.

Part 2 Requirements:

In the event of SDSL connection failure, they want VPN tunnels to automatically

fallback over ADSL2+ connection, and likewise if ADSL+ connection fail all general traffic should failover to SDSL connection. The VPN-based internet uses GRE/IPSec tunnels with NHRP to a central hub, running OSPF. Neither the SDSL nor the ADSL2+ terminate directly on our routers, but instead are presented via Ethernet from a third-party router in transparent bridge mode (the outside IP address appears on our Ethernet interface). We have tried to manipulate OSPF cost for primary and secondary failover but this isn't working.

Could you please provide your expert knowledge on how to resolve this issue and if possible a configuration would be a great help if anyone has gone through the same type of issue.

Thanks

Labels:
0 Helpful
2 Replies 2

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎07-05-2009 12:50 PM

Hello JB,

I'm not sure to have understood everything.

Let's me list :

you should have two DMVPNs clouds using two mGRE tunnels on each remote site router.

By doing so you can adjust ospf cost on a per tunnel basis making a clear hierarchy of paths.

see

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/DMVPN_1.html#wp36546

using OSPF and a single DMVPN cloud (a single MGRE IP subnet) with two hubs is not recommended for a primary/secondary solution.

Hope to help

Giuseppe

0 Helpful

csco11142276
Level 1
Level 1
In response to Giuseppe Larosa

‎07-09-2009 04:59 AM

Giuseppe,

Thanks mate. Also, sorry for the delay in replying back.

I will check with my engineers as I believe this is the glitch there my engineers may be missing i.e. dual-DMVPNs with dual subnets.

Could I please ask you to send if you have any config examples of dual-DMVPNs with dual subnets.

Regards,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card