Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
371
Views
0
Helpful
1
Replies

Reply Packet path selection by router

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎03-20-2018 05:25 AM - edited ‎03-07-2019 12:22 AM

Hi, 

I have two VPN (DMVPN and IPsec VPN) connection between SITE A (HO) and SITE B with two different ISPs. The DMVPN is configured with Dynamic routing protocol as EIGRP and the second VPN is configured with static route AD value 171 (Higher then EIGRP) at both end becuase DMVPN is my main tunnel. 

I want to transfer one application traffic over the IPsec VPN and I configured the route-map with IPSLA on branch office router. Its working fine with failover. 

 

Question: If my Branch user will try to access the application traffic and Branch office router selects a path over the IPsec VPN due to route-map next hop option. Now,  How to HO router will choose the path for reply packets?  Will it send to the DMVPN becuase lower AD value in the routing table or it will send back with the original path (IPsec VPN)?

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎03-20-2018 10:29 AM - edited ‎03-22-2018 06:15 AM

Hi,

Sorry, everyone for this stupid question. It is the default behavior of device (without NAT) that packet flow will check for acl and routing table. So reply packet will deliver via DMVPN connection. 

 

I didn't find any solution so I was configured a route-map with next hop address and it replies on the same path as I need (Via IPsec VPN). 

If you have any other solution, please share. 

 

Another solution, I found to monitor the routing with EEM.

 

Regards,

Deepak Kumar

 

 

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎03-20-2018 10:29 AM - edited ‎03-22-2018 06:15 AM

Hi,

Sorry, everyone for this stupid question. It is the default behavior of device (without NAT) that packet flow will check for acl and routing table. So reply packet will deliver via DMVPN connection. 

 

I didn't find any solution so I was configured a route-map with next hop address and it replies on the same path as I need (Via IPsec VPN). 

If you have any other solution, please share. 

 

Another solution, I found to monitor the routing with EEM.

 

Regards,

Deepak Kumar

 

 

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card