Cisco Support Community
Community Member

Dual routers - Dual ISPs - Dual site-to-site VPN

I have a office that has to 2621xm routers with to different ISPs. I have one of the routers connected to the corporate center with an VPN site-to-site tunnel. I want to connect the other router with a VPN site-to-site tunnel to the corporate site in case the other router or ISP dies. There is OSPF running so both routers know about each other. It would also be nice to have load sharing so if the line gets to congested the traffic would go out both site-to-site tunnels back to the corporate center. I am not sure how to implement this, does anybody have any help to give me?


Re: Dual routers - Dual ISPs - Dual site-to-site VPN

Hi there,

You need to create two GRE/IPSEC connections, one from each 2621xm. This way on every xm router you will have a GRE interface that will tunnel your traffic.

Since on the GRE you can run OSPF, you can do load sharing. The crypto maps will be between GRE interfaces only, so any traffic that enters GREs can pass the VPN tunnel. This adds scalability to your design.


Please rate if this helped.



Community Member

Re: Dual routers - Dual ISPs - Dual site-to-site VPN

I read the information that you fowarded me, however, it doesn't explain to me how create 2 ipsec tunnels from the remote on to diffrent routers and route the LAN traffic over both ipsec tunnels to a PIX in the corporate center. In order to do what I want, do I need another PIX on the corporate side to create the other ipsec tunnel, or can I still create both tunnels in one PIX?

CreatePlease to create content