there are two sites connected by MPLS. all the internet traffic from each site going through ASA which is connected to the internet directly. ASA has static route to other site through MPLS. I need to configure VPN site to site, in the case of MPLS being down, traffic between two sites going through VPN tunnel:
#route inside 10.1.1.0 255.255.255.0 10.1.2.1 --> route traffic to other site through MPLS (10.1.2.1 is the MPLS router)
if MPLS down, I need to route to 10.1.1.0 subnet through VPN tunnel.
but both MPLS and VPN must be route traffic at the same time. VPN interface is used for regular internet traffic and VPN tunnel, and MPLS link is used to reach to the remote site subnets. if MPLS down, I need route to remote site subnets going through VPN tunnel.
You will track the MPLS routes that are prone to go down. You will also have secondary routes for the same destination subnets with lower priority using VPN next hop. In case tracking fails and the MLPLS routes go down you will use the lower priority ones kick in.
SLA tracking will do it. It is the same as in the link I sent but you would need to track all the MPLS routes and have corresponding fallbacks using the VPN.
The VPN routes that will always be used for VPN and internet will not play in the set up, these routes will stay there.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :