Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Redundant routes

I have a remote site that is connected to my NY office via Sprint MPLS using what they call a halt-tunnel. I have a redundant circuit installed with a PIX at the remote location and set a default route on the router of the primary circuit using 3 as the admin distance. This works in directing the Internet traffic out properly, however I have setup a site-to-site VPN which comes up but the return traffic is lost. What can I do to set my PIX in NY to point the traffic to the correct route?


Re: Redundant routes


Can you post a simple diagram representing your network with respective connectivities mentioned ?


New Member

Re: Redundant routes

Here is a simple drawing of the setup. Be aware that the path through the Sprint cloud is the primary path and the IPSec tunnel is the redundant path. I have set an alternate default gateway on the primary router in the remote site to point to the IPSec circuit if the primary is unavailable. I tested this by failing the main line and I was able to get Internet traffic. I created interesting traffic by sending pings and the IPSec tunnel came up okay. However I didn't receive responses to the pings.

Can I set a parameters on the NY PIX to direct the traffic back to the remote site in this configuration when a failure occurs on the primary circuit?