Redundant VPN with IBGP - Newbie Question

Discussion in 'Cisco' started by Charles Jennings, Jun 3, 2004.

  1. I need some help/direction on setting up redundancy in the following
    situation:

    Site A:
    **********************************************************************
    * ISP A (E1)-----PIX Firewall----3725 Router----Interior LAN *
    * | *
    * | *
    * ISP B (Cable Modem)----------------| *
    **********************************************************************

    Site B:
    **********************************************************************
    * ISP A (T1)-----PIX Firewall----3725 Router----Interior LAN *
    * | *
    * | *
    * ISP B (T1)------------------VPN Concentrator *
    **********************************************************************

    I have a tunnel setup between the two PIX firewalls which is my
    preferred route
    I have a tunnel setup between the 3725 (Site A) and the VPN
    Concentrator (Site B).

    Currently, I have to manually change the default routes on the two
    3725 routers in a recovery situation of a preferred route failure.

    I have tried to read up on BGP - but don't quite understand how to
    configure in this situation to automatically fail over to the second
    tunnel in case of a failure in the primary tunnel.

    Can someone out there with BGP experience help me to configure this
    fail-over. I would greatly appreciate configuration example on each 3725.

    Thanks,

    Charles Jennings
     
    Charles Jennings, Jun 3, 2004
    #1
    1. Advertisements

  2. In article <>,
    Charles Jennings <> wrote:
    >I need some help/direction on setting up redundancy in the following
    >situation:
    > . . .
    >I have tried to read up on BGP - but don't quite understand how to
    >configure in this situation to automatically fail over to the second
    >tunnel in case of a failure in the primary tunnel.
    >
    >Can someone out there with BGP experience help me to configure this
    >fail-over. I would greatly appreciate configuration example on each 3725.
    >
    >Thanks,
    >
    >Charles Jennings


    http://www.networkingunlimited.com/white009.html

    --
    Vincent C Jones, Consultant Expert advice and a helping hand
    Networking Unlimited, Inc. for those who want to manage and
    Tenafly, NJ Phone: 201 568-7810 control their networking destiny
    http://www.networkingunlimited.com
     
    Vincent C Jones, Jun 4, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.