08-06-2009 08:16 AM - edited 02-21-2020 04:18 PM
Hi all,
My customer have a router with 3 ISP (each Link is connected in a interface different) and I need configure VPN Site-to-Site with Load Balacing and HA between theses ISP Links, is it possible? Someone can help me with this task?
tks a lot,
Rodrigo Alves
08-06-2009 09:03 AM
Very easy. You use "loopback" interface on the router as your VPN termination endpoint. That will allow load-balancing and HA, assuming you use other routing protocols such as OSPF or eBGP multihop load balancing/sharing.
08-06-2009 11:27 AM
08-11-2009 05:08 AM
Well you dont use dynamic routing protocols so far, but you sould if you want the best and easyest way to do that.
No you wont need 3 vpn l2l for each ISP. You will need one vpn l2l for each ISP, so you can load balance between them and if some goes off the routing protocol automaticly stop sending traffic through this one.
little sample
Router 1
fa0/0
200.0.0.1
crypto map mymap
Fa0/1
10.0.0.1
route 0.0.0.0 0.0.0.0 200.0.0.2
loopback 10
192.168.1.1
tunnel source fa0/1
tunnel destination 11.0.0.1
access-list crypto_acl permit ip host 10.0.0.1 host 11.0.0.1
crypto-map mymap 10 set peer 200.10.10.10
crypto-map mymap 10 match crypto_acl
Router 2
fa0/0
200.10.10.10
crypto map mymap
Fa0/1
11.0.0.1
route 0.0.0.0 0.0.0.0 200.10.10.11
loopback 10
192.168.1.2
tunnel source fa0/1
tunnel destination 10.0.0.1
access-list crypto_acl permit ip host 11.0.0.1 host 10.0.0.1
crypto-map mymap 10 set peer 200.0.0.1
crypto-map mymap 10 match c
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide