Load Balance Over VPN Connections On Cisco 1800 Series Routers

Posted on 2010-01-10
Medium Priority
Last Modified: 2012-05-08
I've been asked to see if it is possible to utilise multiple VPN's over mutiple DSL connections to, in effect, provide aggregated bandwidth for connections by dumb terminals to a small Citrix server cluster.

I was wondering if it might be possible to use GRE tunnels protected by IPsec and run a routing protocol over the tunnels to dynamically load balance and route the traffic across the least congested link but after a bit of reading I'm beginning to think that it might not be possible with just a couple of 1800 series routers.

Can an Expert comment on this please?

Question by:TSG_Users
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 22

Accepted Solution

Jody Lemoine earned 500 total points
ID: 26279851
There's no reason why it can't be done with GRE/IPsec or IPsec VTI interfaces on 1800 series routers.  A little bit of tuning needs to be done to make sure that the tunnels are sending and receiving on the correct DSL connections, but it's certainly doable.  What is it that you've been reading that makes you think it might not be?

Assisted Solution

Vito_Corleone earned 500 total points
ID: 26279950
You can load balance across multiple links, but the traffic won't necessarily take the least congested link. It will be load balanced in a round robin type fashion (either per packet or per destination). Like the above poster said, it's definitely possible.

Ideally you would use a routing protocol across the tunnels, like OSPF or EIGRP. These will load balance across equal path links natively.

Author Comment

ID: 26282581
Thanks, I thought that is might be possible using EIGRP or OSPF, other posts on forums have been more vague and seem to tend toward the need to use a switch to carry out the load balancing or just get pre-aggregated DSL connections (not an option in this case)

I think that I'll see if I can get a test up and running in GNS before asking the client to splash out :)

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question