VPN Backup for Leased line

Unanswered Question
Sep 8th, 2009

Hello.

I have a direct leased line connection between 2 sites and in the event of failure of this link I would like a VPN to be brought up over my backup ADSL connection automatically.

I have Cisco ASA firewalls at both Site A and Site B. At site B the leased line and the ADSL terminate on the ASA.

My concern is that the VPN will come up or attempt to come up anyway whether the leased line is down or not.

Help!

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sziaulla Tue, 09/08/2009 - 04:46

it depends on your routing. Your routing should be setup in a way that when your leased line is up the default route should be pointing via leased line and when your leased line is down the default route should be pointing via adsl.

here is the sample config for your scenario.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

thanks

-Syed

mikedelafield Tue, 09/08/2009 - 07:55

Hi thanks.

I've actually got it working.

The problem was that the remote site was set to bi-directional and was constantly trying to bring up the connection seemingly confusing the normal routing.

I switched it to answer only and the Failover required site is bidirectional so now normal routing occurs when the link is up, but then when the link goes down the ADSL path takes over the routing and the VPN kicks in as expected.

Great!

Actions

This Discussion