Greetings, we have a client who wishes to terminate 2 DSL links on a 2801 ISR, the client also has a number of remote branch office.
They would like to terminate L2L VPN's on the 2801 for secure site to site connectivity. Branch office routers are all 857 ISR's.
Now ive been juggling with the best way to configure this, normally i wouldnt be concerned but im struggling to take into account the two DSL connections terminated on the same router at the head office.
Option 1: Configure a crypto map on each of the DSL interfaces on the 2801 and run two tunnels to each branch office in combination with static routes. Use PBR to split standard web traffic across the two DSL links.
Option 2: Dedicate one of the DSL interfaces on the 2801 to L2L VPN traffic and use policy based routing to redirect all other traffic out of the second DSL link.
Has anyone had similar experience with a setup like this? I would normally be inclined to run GRE/EIGRP but the 857's only support RIP which i would like to avoid.