Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Dynamic VPN

On a 28xx router, say if I have 2 links. On normal operations, i want to send all PC traffic via link A (not encrypted) and all AS 400 traffic via link B (IPSec).

Now my question is when do the router check the IPSec? i.e. say if the primary link failed, can i now direct all traffic to go via the secondary IPSec tunnel as well?

I was thinking to use policy routing + normal routing... so policy route all traffic (except AS400) to primary link, with normal routing pointing thru IPSec tunnel. Hence if the primary link fails, the normal routing will pick all traffic and pass them towards IPSec tunnel.

But this only works if IPSec only checks on the outgoing interface it applies to. Is this the case?

Would appreciate any help

2 REPLIES
Bronze

Re: Dynamic VPN

hi

you can send in the a link both traffic IPSEC encrypted and clear traffic the one you dont want to encrypt, using VPN split-tuneling!!!

kamal

New Member

Re: Dynamic VPN

Can you please elaborate a bit more on what u mean?

93
Views
0
Helpful
2
Replies