I want to configure redundant paths for a 1761 router with ADSL and ISDN interfaces. I've been trying for a while to get a VPN site to site, then add in GRE tunnel. My question is this: has anyone managed to get this type of scenario in a single router working?
The major problem we've had has been the tunnel interface stopping inbound NAT to an inside SMTP server.
I have done similar things on a single router. My suggestion would be to use GRE/IPSec tunnels so you can run a routing protocol like OSPF or EIGRP. Then use dialer watch or floating static routes to backup the ADSL interface.
There is an example configuration in the "Redundant Routes in IPSec VPNs" white paper on my web site. The problem you describe sounds like an error in the access lists defining the traffic using the VPN. These access lists can be tricky because they depend upon where in the encapsulation process they are applied.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...