is there a solution to back up a vpn connection with an isdn dialup connection. it often happens that the vpn-connection to some branches fail. as the link to the internet remains up a normal backup-dialer doesn't work. i would need a possibility to check the reachability of a certain ip-address and if neccessary bring up the isdn-connection.
What you may wish to do is to establish a GRE tunnel between your two end-points. You can then monitor the remote end of the tunnel. (if you lose connectivity anywhere in between your tunnel will go down).
Now you have the option of either sending a default route down the tunnel or a weighted static route out your BRI (I'm assuming your BRI is on the same box)
Now what you have to worry about is, at your main store does it know which path to use to get back to the branch if your ISDN terminates in a seperate box than your GRE. In this case you would be better off using a routing protocol over static routes.
Is it possible to terminate a GRE connection on a Pix Firewall ?
If you have a setup with a Pix Firewall which is holding the IPSEC tunnel to the HQ and you have an extra ISDN backup router in the same LAN? Which possibilities for backup you have with this szenario ?
There are multiple solutions to this challenge, depending upon whether the IPSec endpoints and the routing endpoints coincide. There are two example configurations in the Redundant VPN whitepaper on my web site (http://www.networkingunlimited.com/white009.html). One uses generic tunnels and OSPF with the routers doing both routing and IPSecing, just replace one of the VPN links with an OSPF demand ISDN link or use dialer watch. The other uses BGP between routers over an IPSec between firewalls (not to be confused with BGP with an ISP for multihoming). Using BGP directly over IPSec eliminates the need for a GRE tunnel (and the consequent reduction in MTU).
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...