Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Adding a back up route on 4510R switch

Posted on 2013-06-04
1
Medium Priority
?
329 Views
Last Modified: 2013-06-04
Hi, all.

We have MPLS router connected to a Cisco 4510R switch and also have seperate internet router connected to a firewall and then to the same 4510R switch.

MPLS is used to connect to our datacenter and all internet traffic goes through the firewall to the internet circuit.

I would like to create a IPSec VPN tunnel between this office and datacenter using the firewalls throught the Internet circuit in case MPLS circuit fails.

How do I configure Cisco 4510R to failover between the two routes?

We are using OSPF on this switch and BGP over the MPLS network.

Thanks.
0
Comment
Question by:Infamus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 22

Accepted Solution

by:
Jody Lemoine earned 2000 total points
ID: 39220000
If all of your Internet traffic is going to the firewalls anyway, it's a fairly simple matter.

Just create an IPsec tunnel between the two firewalls for the networks at each office. If the MPLS VPN connection fails, the 4510R will stop receiving the routes for the remote sites. When this happens, the only route it will have left, assuming you haven't null-routed anything, will be the default route to the Internet firewall. When the firewall gets traffic for the remote site, it will encapsulate it in the IPsec tunnel and it will be sent to the remote site. No configuration on the 4510R required.

This, of course, makes a few assumptions about your configuration. Let me know if you think anything in your particular configuration will pose a problem.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times where you would like to have access to information that is only available from a different network. This network could be down the hall, or across country. If each of the network sites have access to the internet, you can create a ne…
This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question