Solved

VPN load balancing on Cisco router

Posted on 2007-03-28
4
322 Views
Last Modified: 2010-04-17
Hi

I have a 2800 series router at a remote location with 2 WIC's. The ISP has provided me with 2 T1 lines but will not bundle them (they have 2 different IP subnets. I need to establish a site-to-site VPN to the main location. Is there a way I can load balance traffic between 2 VPN tunnels?
0
Comment
Question by:netman70
  • 3
4 Comments
 
LVL 11

Accepted Solution

by:
billwharton earned 500 total points
ID: 18812484
Yes, you'll need a crypto map configured on each interface and establish a VPN tunnel through each interface. Thereafter, you can set up your routes to the remote network through both interfaces and this do the load-balancing. Not a very graceful solution though
0
 

Author Comment

by:netman70
ID: 18812672
Once Crypto maps have been configured for each interface, how would I load balance traffic  through the 2 tunnels? How would I configure routing statements for VPN traffic? Am I looking at problems with out-of-sequence packets?

0
 
LVL 11

Expert Comment

by:billwharton
ID: 18812776
your best bet would to break up the remote network into two subnets and route each subnet over different routes.
So if you have a 10.1.1.0/24 network, break it into 10.1.1.0/25 giving you two subnets:
10.1.1.1 - 10.1.1.127 &
10.1.1.128 - 10.1.1.254

Then establish two routes for each outgoing interface and put in both the above networks on the routes but with different metrics. For routing, all you have to do is put in:
ip route <remote LAN subnet> <remote LAN subnet mask> <gateway which will be ISP's router>

This is a kind of a solution that has to be tried to see how it works. Cisco doesn't have any config examples for this
0
 
LVL 11

Expert Comment

by:billwharton
ID: 18854130
Did that work out well for you?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now