Cisco 5505 - routing traffic to outside interface, if VPN tunnel isdown

Discussion in 'Cisco' started by Personne, Sep 30, 2009.

  1. Personne

    Personne Guest

    Hi,

    The subject is not very clear, but let me explain what I would like to
    try to achieve.

    Because of content filtering purpose I redirect all the traffic from
    our branches to our HQ through a VPN tunnel. This is working well, but
    I need a kind of disaster recovery plan, in case my HQ goes down.
    Indeed, by redirecting all my traffic to my HQ, if my HQ goes down the
    VPN will go down and then my branch offices won't even be able to go
    to the Internet.

    What I would like to do is:
    If the VPN tunnel is up between Site A and the HQ, then redirect all
    traffic to the HQ
    if the VPN tunnel is down, then route traffic to the outside
    interface, and allow my user at least to access the Internet

    Thanks for your help
     
    Personne, Sep 30, 2009
    #1

    1. Advertisements

  2. Personne

    Uli Link Guest

    A floating static route with higher metric (200 for e.g.) than the route
    through the VPN tunnel may do the job if your route to the HQ is learned
    via routing protocol.

    Don't know if the ASA also can track objects for static routes.
     
    Uli Link, Sep 30, 2009
    #2

    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads

  1. Termination of an IPSec VPN tunnel and a GRE Tunnel on one physical interface.

  2. PIX 506E Routing from Inside Interface network To outside interface network

  3. Routing Question - How to send default internet traffic to PIX and VPN traffic from router out inter

  4. ASA 5505 as hardware vpn client to PIX 501 or ASA 5505 with network extension mode activated

  5. Inside interface VPN to outside interface. loop-back?

  6. help with pix inside->outside + dmz->outside + inside->outside->dmz

  7. Pix 506e w/5 static outside IPs - How to create a rule to allow ALL tcp/udp traffic from one outside

  8. ASA5510 with Cisco VPN client. No traffic over VPN tunnel

Loading...