Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Partner/Extranet connections with failover best practices

We are trying to connect a partner to our network with support for dynamic routing and failover between a primary T1 connection and a backup Internet L2L IPSec connection. We use EIGRP internally, but because of the firewalls in between us and the partner, I don't believe that EIGRP end-to-end will work. How have other sites connected networks in this fashion? What is a good solution that offers dynamic failover between links when the link or the router goes down and the remote network becomes unavailable?

Attached is a brief diagram.

Thanks for the help!

Hall of Fame Super Bronze

Re: Partner/Extranet connections with failover best practices

You can create a GRE tunnel between your office and the partner location. However, it sounds like both companies have different routing policies, so I recommend keeping things simple and configure BGP at each end. Once BGP is configured, redistribute the respective IGPs into BGP for routing exchange. BGP works quite well thru FWs since it uses the TCP protocol instead of multicast.