Site-to-Site VPN as Primary with PtP as backup in an OSPF environment?
I thought I found a solution for this previously, but can't seem to find it again. If someone knows of a link, please post it. I'm not sure if IP SLA's would do this.
My company has historically used point-to-point connections for our WAN. Recently, to reduce costs and increase bandwidth, we installed a 10Mbps Internet link in our Oakland office and want to use it as the primary WAN link. We have an ASA 5505 in that office and an ASA 5520 in our DC office. The current PtP T1 WAN link between those offices is still cost effective as a backup, so we would like to use the Site-to-Site VPN between the two ASA's as a Primary link. But if it goes down, we would like to insert routes to redirect traffic across the PtP T1.
The past 5 years or so we've been using OSPF as our routing protocol. But to get routing across the VPN to work properly, I had to disable OSPF on the routers in the remote office. So if the Internet connection drops (whether it's the local connection or the one in the DC office) traffic between the Oakland office and the rest of our offices would stop until the link is fixed.
Is it possible to somehow integrate VPN links in an OSPF environment? Such that if the VPN cannot be established, different routes are inserted in the routing table to use the T1?
I can supply some basic router/WAN topology diagrams if it would help.
Re: Site-to-Site VPN as Primary with PtP as backup in an OSPF en
you can run OSPF on top of IPSEC using GRE. if the ipsec is not established i dont have any backup paths but i presume if you have routes in your table with higher metric/AD that link might be used as backup. not sure if it would achieve your purpose.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...