Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Site-to-Site DSL VPN with ISDN Backup

Hello everybody,

i'm a little bit stucked here so i hope someone can point me into the right direction.

We have 2 1841 routers with ISDN BRI interfaces.

One Router (master) has two Ethernet interfaces pointing to LAN and WAN. The WAN interface is a public static IP.

The Router (slave) dials with a pppoe client into DSL an builds up a IPSec tunnel with the (master) peer. Works well

No i've configured a tracking object on the slave (a IP address behind the IPsec tunnel) so when the tunnel fails the ISDN Backup is triggerd. This works as well.

I have a problem though: on the master i have only one static route 0.0.0.0 0.0.0.0 WAN interface so the packets send from the slave never come back because of the default route.

How can i manage to insert another static route say 0.0.0.0 0.0.0.0 dialer2 (ISDN) only when the tunnel isn't available?

Thank you...

regards,

Chris

7 REPLIES
Hall of Fame Super Gold

Re: Site-to-Site DSL VPN with ISDN Backup

Use a floating static route.

New Member

Re: Site-to-Site DSL VPN with ISDN Backup

Hi, thank you for your reply. Does this mean i have to use ospf as a routing protocol?

The IP Adress of the Dialer 1 (pppoe interface) is negotiated and dynamic.

Hall of Fame Super Gold

Re: Site-to-Site DSL VPN with ISDN Backup

Not necessarily, but in many cases routing makes things easier.

How do you obtain address also doesn't matter.

Note this kind of configurations are better done by a professional, if you never did it before it can take a lot of trial and error to get it 100% right.

New Member

Re: Site-to-Site DSL VPN with ISDN Backup

"Note this kind of configurations are better done by a professional, if you never did it before it can take a lot of trial and error to get it 100% right."

:) you're so right, now this is the 3rd day of trial and there where more errors :)

I cannot see any CLI commands any more :(

OK, i'll try to figure this out.

Silver

Re: Site-to-Site DSL VPN with ISDN Backup

CCO contains so much information on how to set up dial backup with floating statics and/or routing protocols, you might want to check out these examples instead of spending additional time with trial and error.

This example has a serial connection as the primary path, but it could as easily be a VPN tunnel.

http://www.cisco.com/en/US/tech/tk801/tk133/technologies_configuration_example09186a0080093f7e.shtml

Hall of Fame Super Gold

Re: Site-to-Site DSL VPN with ISDN Backup

I'm glad that you recognize my point.

Unfortunately many people refuse to see the point of paying $200 to have it done professionally.

At least, that is what I would charge.

New Member

Re: Site-to-Site DSL VPN with ISDN Backup

I agree with you to pay professionals but lets face the facts: people are spending a couple of hours to digg deep into the documetation to finaly find out that the documentation isn't quite suitable for them (outdated, wrong requirements, etc).

Now there's two kind of people:professionals and professionals. One professional is very good in doing WAN Routers, the other only LAN Switching etc.

We are 3 people here and have to run a network (LAN/WAN/VPN/Firewall/ etc) with over 1300 employees and 1500 customers.

So you see its not the point of paying 200$ or 2000$ for a professional, this is given.

Its the point of having a very easy/basic setup (Site-to-Site VPN with ISDN Backup) and you need a little hint how to do it.

To cut a long story short: i've managed to fix it.

In the attachement are the configs of the two router and a network plan of the setup.

219
Views
0
Helpful
7
Replies