Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

MPLS with IPSec backup with 2 routers

I am trying to configure an auto-failover of a location with a primary MPLS circuit/router, with a second cisco router with an IPSec tunnel.  The backup router is up, the tunnel is up, but I've refrained from having a LAN connection made to this point so as not to incur a routing loop of any kind.  As expected, I want to the backup connection/router to "take over" when the primary MPLS circuit drops.   Any suggestions?

Everyone's tags (4)
New Member

Re: MPLS with IPSec backup with 2 routers

What routing protocols are you using? Typically MPLS providers support BGP. if this is the case I would peer EIGRP with your Asa and inject a default route. You can then inject all private routes plus a default over your MPLS cloud via bgp. I would then redistribute bgp to EIGRP on your MPLS gateway router and use the bgp backdoor command. The ASA and mpls router should peer eigrp. This will lower the administrative distance to 190 from the ebgp learned default route on the MPLS

That way under normal conditions you will have a default route to your ASA and all private routes to your MPLS router. If the asa goes down the default route with 190 via bgp will be injected to the routing table. And everything will flow over the MPLS. If the MPLS goes down you will simply have a default route to your ASA and no private routes. If you build a IPSEC tunnel for backup, interesting traffic will hit the ASA and establish a VPN to the head end office. So long as it is configured properly.


Sent from Cisco Technical Support iPad App

CreatePlease login to create content