VPN tunnel and Dual ISP

Unanswered Question
Jun 14th, 2010
User Badges:

Hi All,

I'm looking for a solution for the following scenerio: Site-A has 2 isp for failover, ISP-1 and ISP-2. Site-A also has a site to site tunnel to remote Site-B on ISP-1. I want to be able to converge the tunnel to ISP-2 when ISP-1 goes down. If possible, how will I be able to do that from Site-B? What kind of equipment would I need?

Thanks in advance.

Elpidio Buhian

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Latchum Naidu Mon, 06/14/2010 - 15:22
User Badges:
  • Blue, 1500 points or more

Hi Elpidio Buhian,

Let me assume your setup...

1. You have two ISP's ISP1 and ISP2

2. Site A say it is DC where you have two ISP's

3. At site A you need to have two CPE routers (i guess you have), one is connected to ISP1 and second is connected to ISP2

To achive this scenario which you are looking you need to have to have below ones....

Do you have your one PA?

And is that advertising through both ISP's?

Then you have a chance to achive what you are looking.



Elpidio.buhian Tue, 06/15/2010 - 07:41
User Badges:

Hi Latchum Naidu,

I apologize for leaving a few details out from the original post. There is no current setup right now. It's for an SMB customer that required redundant Tunnel from Site-A to Site-B. They currently have home type edge devices and I wanted to replace them with ISR routers. A 1941 with a HWIC-1fe or 2fe module (3 interfaces to support 2 WAN and 1 LAN) at Site-A and a 881 at Site-B (Please suggest if you think we need better hardware). At Site-A, ISP-1 provides a T1 line and ISP-2 provides cable connection. At Site-B, ISP provides cable/dsl connection. So there isn't a dedicated link between Site-A and Site-B.

Again, sorry for leaving these details out. Thanks again for your prompt response.

Latchum Naidu Tue, 06/15/2010 - 13:18
User Badges:
  • Blue, 1500 points or more

Hi Elpidio Buhian,

There is no need any dedicated lines between site A and site B. They just need internet connection at both ends with static public IP's is enough. You can establish site to site tunnel between both sites.

And the hardware you have is seems to be enough.




This Discussion