cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
414
Views
0
Helpful
5
Replies

Routing through VPN

ksarin123_2
Level 1
Level 1

Guys -

I am in the process of configuring a site-2-site VPN connection over DSL lines that we have installed at each branch office. The purpose of the VPN connection is to act as a backup when the main connection from the branch to the headquarters goes down. All branch offices and headquarters are connected thru MPLS. So the DSL lines have been installed only as a backup.

The VPN connection between the branch and HQ is terminating on a Cisco 3845 router at HQ. The 3845 sits behind the firewall. This 3845 also connects the HQ to the MPLS. I will call this 3845_A for reference purposes. In addition, there is another 3845 at HQ that is used in conjunction with 3845_A for load balancing over the MPLS. I will call this 3845_B.

Both A & B routers are connected to the same Cisco 3750 stack. The 3750 is running OSPF and can route traffic from HQ to branch offices either through A or B router. However, when a branch office goes down, the routes are removed from the 3750 and the VPN tunnel is initiated from the branch over the backup DSL.

All the servers at HQ are also connected to the 3750 stack (in a different vlan). So when a user at a branch office is trying to connect to a server at HQ, at that point the 3750 does not have a route back to the branch office. I can write static routes on the 3750 pointing all traffic for the branch office through the firewall, but those static routes will have to be removed each time the connection to the branch office is restored.

Sorry for the long post but I was wondering what's the best way to configure routing in this situation.

Thanks for your help!!

5 Replies 5

Jon Marshall
Hall of Fame
Hall of Fame

Could you not use floating statics on the 3750 ie.

ip route 200

The 200 means that the static route is not used because you have OSPF routes in the routing table. But if the OSPF routes disappear then the statics will be used. If the OSPF routes come back they will replace the statics.

Jon

Jon - Thanks for your reply.

If I use floating static routes, I will need to configure these routes on the 3750 pointing to the A router, since that is where the tunnel is being terminated.

Is it really that simple? Don't know how I even missed this.

Kunal

It's difficult to say whether it's that simple because it would need testing in your particular environment. But what i can say for sure is this

ip route 200

the 200 is the administrative distance. Any routes with an AD lower than 200, and OSPF routes will be lower than 200, will be used in the routing table instead of the statics.

If the OSPF routes disappear then the statics will be installed. The key is the "200" part. As long as this number is higher than the AD of the routing protocol in normal operation then yes it should work.

Jon

arupbiet2006
Level 1
Level 1

hi sarin ,

it's a very simple just u marge the both line as a same network.

Could you elaborate what you mean?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco