Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Site-to-Site

I am in the early stages of implementing a site-to-site VPN solution for a remote site. There are currently two frame relay (load balanced)links between Chicago (HQ) and Houston (remote). I would like to eliminate one frame relay link and replace it with a VPN link. The frame relay link will carry all mission critical traffic (i.e. SAP, CITRIX). All other traffic will utilize VPN. In case of failure on either link, I would like to have the traffic failover to the functioning link. I am running OSPF. What are my options and where can I find sample configs?

1 REPLY
Silver

Re: VPN Site-to-Site

Probably the easiest way to do this is to create a gre over ipsec tunnel between the two routers, and run a routing protocol over just the tunnel( in your case OSPF). Then you can add a floating static route which points out over the frame relay cloud on both routers. This way, when the routing protocol loses its neighborship with the peer router, it will remove the lower administrative cost dynamic routes from the table which point out over the gre link, and use the floating static route to route packets over the frame relay cloud. Take a look at this document for a sample config.

http://www.cisco.com/warp/public/707/gre_ipsec_ospf.html

78
Views
5
Helpful
1
Replies
CreatePlease to create content