Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
273
Views
0
Helpful
2
Replies

Problem with VPN over DSL as a backup on a 2811

ron.parrow
Level 1
Level 1

‎06-13-2006 05:48 AM - edited ‎03-03-2019 12:59 PM

I have a 2811 in a remote office that has a T-1 as the primary circuit and DSL as the backup (WIC1-ADSL card) that has a VPN tunnel back to our NOC. The config works fine if the T-1 goes down and stays down, but if the T-1 bounces and comes back up in less than 30 seconds it creates a problem. The problem is is that the VPN tunnel stays up after the T-1 comes back up. Has anybody else had the same problem?

Is there a config setting that can be added to the router to force it to use the VPN tunnel for a set length of time after the T-1 comes back up?

Labels:
0 Helpful
2 Replies 2

tdrais
Level 7
Level 7

‎06-13-2006 06:44 AM

This sound like the old ISDN dial on demand problems.

How are you getting the traffic to fail over to the vpn tunnel.

Unless you are paying by the byte for your ADSL connection I cannot see why you do not want this up all the time. You can just run a routing protocol over both connection and adjust the metrics to use the proper conenction.

This type of error in dial backup was caused many times by routing protocol coming up over the dialup that then prefered that path and did not ever go back if the dialup circuit was being controlled by intersting traffic rather than some other form of backup interface.

0 Helpful

thomuff
Level 3
Level 3
In response to tdrais

‎06-13-2006 09:54 AM

We had a similiar problem the other day. It is a different configuration with same problem. We have a 2811 with a T1 connection. We have a 1801 establishing a LAN to LAN tunnel back to our VPN concentrator at the Central Office. The 1801 connects to the 2811 via ethernet. The 2811 gets its default route from the Core Router. We have a static weighted default route (metric of 250) So if the T1 drops, all traffic is sent to the 1801 and across the tunnel. We are going to setup our network monitoring software to ping a loopback interface on the 1801 to ensure that the vpn tunnel stays up.

When the circuit was bouncing frequently, we shut the serial interface and forced the traffic across the VPN tunnel until the carrier had corrected the problem.

Hope this helps.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card