Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

1811 Site to Site with VPN Failover?

I have 2 sites connected via P2P T1's. The only traffic that travels across the T1's is internal network traffic. Both Sites use DSL for internet access. I would like to configure a VPN tunnel between the 2 sites to use in case the T1 fails. I'm trying to find the best way to implement this. Should I look at OSPF or floating static routes? Any info is greatly appreciated.


Re: 1811 Site to Site with VPN Failover?


The below link discusses a typical scenario similar to the one which you are looking out for...

Once you are don with creating the crypto maps with the below steps you can apply the same under the interface which is connected to the DSL network with a static floating route for your respective local lans pointing towards the same.

1.Create ISAKMP parameters like hash, encryption, authentication and preshared key.

2.Create a transform set with the required encryption strength you would like to have for your lan trafic.

3.Create an access list permitting respective local lan access between your locations.

4.Create IPSEC policies incorporating peer address (i.e., remote routers ip address),transform set and the interesting traffic.