Question on how to tackle this VPN setup

Unanswered Question

I have Site A whose VPN router has two VPN tunnels built to two sites. To Site B it connects to a VPN Concentrator with a site to site ipsec tunnel (doing reverse-route injection), and to Site C it connects using a GRE tunnel and runs EIGRP over it. Both B and C can talk to each other through, say, over WAN. I want Site A to be able to route to Site B via Site C in case the concentrator fails in B. The problem I'm running into is that the site to site tunnel will never attempt to build becuase it is already aware of Site B via EIGRP with Site C. Is there a way to force the tunnel to build? Once it is built because of the static route it will prefer it over EIGRP but the problem is getting the tunnel to come in the first place. Obviouslty if I prevent EIGRP from happening the tunnel will come up but I can't do that everytime the router reboots or something.

Site A ===== GRE Tunnel , running EIGRP === Site C

=

=

=

site-to-site

=

=

=

Site B

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Federico Coto F... Thu, 05/13/2010 - 11:44

Hi,

SiteA - SiteB = IPsec tunnel
SiteA - SiteC = GRE tunnel

In order to allow communication between SiteA and SiteC through SiteB:
There must be a site-to-site that should be established between SiteA
and SiteC and between Site C and Site B. (to take over when SiteA-SiteB fails).
Do you want to enable a Site-to-Site between A-C/C-B?

Federico.

Herbert Baerten Wed, 05/19/2010 - 03:15

So if I understand correctly, the question can be reduced to "how can I make sure the L2L between A and B comes up (and stays up) automatically, even when the route to the B network are pointing to C" ?

Here's an idea: find (or allocate) an ip address at site B, that is not used for regular traffic.

On A, configure a static route to that single IP, going over the tunnel to B.

Then configure something that sends traffic to that IP address at regular intervals. E.g. NTP, IP SLA, ...

hth

Herbert

Actions

This Discussion