I would like to do dial backup. My problem is I have a Primary VPN connection using ADSL and want to create a secondary VPN connection with a US Robotics modem hanging off my AUX port as the backup connection. What I need is when the tunnel goes down on the Primary VPN, I need it to initiate dial backup on the AUX port, create a Secondary VPN tunnel and Terminate to the same VPN head end that the primary tunnel was terminated to.
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.
You may be able to do this. What you will want to do is make a loopback interface on this router and use the crypto map (mapname) local address command and specify the loopback and be sure that you give this interface a public ip. Then make the other peer point to this loopback for its peer. Next have two static routes for the peer that you are connecting to. One with an administrative distance of say 1 and the other of 2. The one with the administrative distance of two should point out the other interface for the dsl connection. By configuring it this way you avoid having to have the tunnel rebuilt. You are simply just rerouting traffic.
It is not an easy task, but the good news is, it is doable.
Unfortunately, there is no sample configuration on this, because it involves a lot of other different technologies
One way to achieve that, is to enable GRE/IPSEC tunnels on the primary connection and run some routing protocol. Also enable floating static routes for the remote subnets with some higher admin distance. Routing protocol would keep track of the remote subnets. One the primary connection fails, then your routing would break too. Your static route would get installed in the routing table with the next hop being your other end of the modem connection
I have already done the EIGRP inside of GRE inside of IPSec and dial backup and it works. The problem is I have DHCP and PPPoE IP address assignements from many ISP's so how can I use the GRE without a static IP address?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :