Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ISDN backup for IPSec site-to-site

Does anybody know how to configure ISDN backup for IPSec site-to-site without GRE?

6 REPLIES

Re: ISDN backup for IPSec site-to-site

Hi

Can you revert back about your primary connectivity through which you are establishing the Tunnel ?

Also the number of sites involved in this tunnel formation ...

regds

New Member

Re: ISDN backup for IPSec site-to-site

I have two locations between I set up IPSec site-to-site VPN. It works. Routers on these locations are 2811 and 1421 with ISDN module (WIC and NM card).I need backup lines between these sites in case if one of this site is not reachable over Internet (VPN).

Primary connection of this sites is ethernet (over wireless) with static IP addresses.

Re: ISDN backup for IPSec site-to-site

Hi

I can suggest to make use of Object tracking facility availble in the IOS to trigger the ISDN link when the primary ethernet link goes down.

Since the primary tunnel is over the ethernet link you need to have either object tracking facility enabled to detect the failure or else to have a GRE tunnel built over the link to detect that.

since you are not interested in the second option better try out with the first option.

configuring the ISDN bri will be based on the billing like which location needs to get billed for the establishing the outgoing calls made when the primary link is down.

do refer this link for more on object tracking feature avl in the ios..

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a00801541be.html

regds

New Member

Re: ISDN backup for IPSec site-to-site

Thanks for the suggestion but if not problem for you (because this big document make me confuse) could you provide me an example for my scenario.

Re: ISDN backup for IPSec site-to-site

Hi

Its a 3 step process creating the tracking rules under rtr prompt,applying it to the serial interface and an route-map to make the route invalid once the reachability goes off..

do find the config sample where both primary and secondary links are connected on ethernet ports..

interface ethernet 0

description primary_link

ip address 10.1.1.1 255.0.0.0

interface ethernet 1

description backup_link

ip address 10.2.2.2 255.0.0.0

rtr 1

type echo protocol ipIcmpEcho 172.16.23.7

timeout 1000

frequency 3

threshold 2

rtr schedule 1 life forever start-time now

track 123 rtr 1 reachability

access list 101 permit icmp any host 172.16.23.7 echo

route map MY_LOCAL_POLICY permit 10

match ip address 101

set ip next-hop 10.1.1.242

set interface null 0

!

ip local policy route-map MY_LOCAL_POLICY

ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123

ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

for more info on the same do refer this link where u got different scenarios discussed with different media types.

http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/products_feature_guide09186a00801d862d.html#wp1071672

regds

New Member

Re: ISDN backup for IPSec site-to-site

thanks again. i'll give you feedback about this.

105
Views
5
Helpful
6
Replies
CreatePlease to create content