I am in the process of configuring a site-2-site VPN connection over DSL lines that we have installed at each branch office. The purpose of the VPN connection is to act as a backup when the main connection from the branch to the headquarters goes down. All branch offices and headquarters are connected thru MPLS. So the DSL lines have been installed only as a backup.
The VPN connection between the branch and HQ is terminating on a Cisco 3845 router at HQ. The 3845 sits behind the firewall. This 3845 also connects the HQ to the MPLS. I will call this 3845_A for reference purposes. In addition, there is another 3845 at HQ that is used in conjunction with 3845_A for load balancing over the MPLS. I will call this 3845_B.
Both A & B routers are connected to the same Cisco 3750 stack. The 3750 is running OSPF and can route traffic from HQ to branch offices either through A or B router. However, when a branch office goes down, the routes are removed from the 3750 and the VPN tunnel is initiated from the branch over the backup DSL.
All the servers at HQ are also connected to the 3750 stack (in a different vlan). So when a user at a branch office is trying to connect to a server at HQ, at that point the 3750 does not have a route back to the branch office. I can write static routes on the 3750 pointing all traffic for the branch office through the firewall, but those static routes will have to be removed each time the connection to the branch office is restored.
Sorry for the long post but I was wondering what's the best way to configure routing in this situation.
Could you not use floating statics on the 3750 ie.
ip route 200
The 200 means that the static route is not used because you have OSPF routes in the routing table. But if the OSPF routes disappear then the statics will be used. If the OSPF routes come back they will replace the statics.
It's difficult to say whether it's that simple because it would need testing in your particular environment. But what i can say for sure is this
ip route 200
the 200 is the administrative distance. Any routes with an AD lower than 200, and OSPF routes will be lower than 200, will be used in the routing table instead of the statics.
If the OSPF routes disappear then the statics will be installed. The key is the "200" part. As long as this number is higher than the AD of the routing protocol in normal operation then yes it should work.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.