EIGRP routing question
192.168.40.251 ipsec 10.3.45.254
PIX-----------------------
SITE A ! ! SITE B
! !
10.2.100.0 ! 100Mb ! 10.3.44.0
--------------------------
I have the above scenario with an 100Mb connection between site A and Site B. There's also an IPsec tunnel in place using an SDSL connection. I would like to use dymanic routing to failover the 100Mb to the ipsec tunel when 100mb goes down and I would also like to route internet traffic of SITE A to SITE B whenever the ISP on SITE A drops. I have configure a port on 3750 as routing IF and enabled EIGRP for simplicity, I have then setup floating static with higher metrics to failover SITE A to B whenever 100mb drops. What I am unsure is the best method of routing the internet traffic of site A to site B whenever the 100mb line fails. Can the Cisco Firewalls partecipate in the EIGRP layout?
Below are the changes I have made on both sites, could you kindly advise the best way of doing this?
on the 3750
!
router eigrp 30
network 10.2.100.0 0.0.0.255
network 172.16.1.0 0.0.0.3
auto-summary
eigrp stub connected summary
!
ip classless
Ip route 0.0.0.0 0.0.0.0 192.168.40.251
ip route 10.3.44.0 255.255.254.0 192.168.40.251 200
!
on the 2600
!
router eigrp 30
network 10.3.44.0 0.0.1.255
network 172.16.1.0 0.0.0.3
auto-summary
!
ip classless
Ip route 0.0.0.0 0.0.0.0 10.3.45.254
ip route 10.2.100.0 255.255.255.0 10.3.45.254 200
!
Expert-Case.pdf
ASKER
interesting ..so for example if I would like to set it up on the SITE A side (on the 3750)
!
route 0.0.0.0 0.0.0.0 192.168.40.251 1 track 1
!
sla monitor 2
type echo protocol ipIcmpEcho <internet object>
sla monitor schedule 2 life forever start-time now
!
track 1 rtr 2 reachability
!
Route 0.0.0.0 0.0.0.0 172.16.1.2 250 ****** floating static with higher metric ********
!
This should route my internet traffic via the 100Mb when the icmp packets to the internet object time out, correct?
By the way I just realised that Eigrp has been implemented on PIX/ASA v. 8.x, does it make any difference?
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008086ebd2.shtml
hey, thanks for you help
!
route 0.0.0.0 0.0.0.0 192.168.40.251 1 track 1
!
sla monitor 2
type echo protocol ipIcmpEcho <internet object>
sla monitor schedule 2 life forever start-time now
!
track 1 rtr 2 reachability
!
Route 0.0.0.0 0.0.0.0 172.16.1.2 250 ****** floating static with higher metric ********
!
This should route my internet traffic via the 100Mb when the icmp packets to the internet object time out, correct?
By the way I just realised that Eigrp has been implemented on PIX/ASA v. 8.x, does it make any difference?
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008086ebd2.shtml
hey, thanks for you help
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Jfrederick29.
i.e.
On the 3750, have a primary default route via the PIX which you already have but use IP SLA to ensure reachability to an Internet host via the local Internet connection. Configure a backup default route via the 100mb. Do the same thing for the LAN subnet but with the primary the 100mb and the PIX the backup.
On the 2600, do the same thing. A primary default via the ASA with tracking and a backup default over the 100mb to the other site and the same for the LAN subnets.
Are you familiar with IP SLA or do you need further explanation?