Solved

Site-to-Site VPN Load Balancing with Cisco

Posted on 2010-08-27
4
1,437 Views
Last Modified: 2012-05-10
What I am wondering about is if there is a way to load balance 2 VPN tunnels as one..  The picture below shows my situation... I have a site with 1 ISP that has a 2821 router, and a 2nd site with 2 different ISPs with a cisco 1841 router.  I am wondering if I can establish 2 seperate tunnels between the devices, and then somehow loadbalance traffic over the 2 seperate tunnels?  The reason I want to set this up is because the ISP3 in the picture below is much better than ISP1 and 2 and we are maxed out with ISP1 and 2 as far as bandwidth goes.

I am not interested in purchasing a seperate piece of equipment to handle the VPN load balancing... Just wondering if it is possible with the Ciscos we have?

 Example Picture
If that does not work out, then I am planning on establishing the 2 VPN tunnels, and sending some of our traffic through 1 tunnel, and the rest through the 2nd tunnel..  If you know of any problems with that type of setup, please feel free to let me know..

Appreciate any help you can provide!

Thanks!
0
Comment
Question by:cathchar
  • 2
  • 2
4 Comments
 
LVL 9

Accepted Solution

by:
ffleisma earned 500 total points
ID: 33544299
you can setup an GRE over ipsec instead of the normal l2l ipsec. the difference is that GRE over ipsec can carry routed protocols over the ipsec, effectively you would then be able to setup a routing protocol between the sites. OSPF and EIGRP are two routing protocols that enables load balancing.

with just an l2l ipsec VPN, i don't think you could load balance but you can have the setup fail-over for redundancy.

hope this helps :-)
0
 

Author Comment

by:cathchar
ID: 33544359
I've heard of GRE,,, but not too familiar with it... If anyone has any links about configuring GRE over IPSEC on ciscos, I'd be thankful for your post..

I definately need the encryption, so GRE over IPSEC sounds great...

Thanks ffleisma,,,  keep the info coming if you got it guys.,.. Appreciate it!
0
 
LVL 9

Expert Comment

by:ffleisma
ID: 33544410
0
 

Author Closing Comment

by:cathchar
ID: 33558779
Great info.. Exactly what I am looking for.  Thanks!
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now