• Status: Solved

Adding a backup route on 4510R switch

Hi, all.

We have an MPLS router connected to a Cisco 4510R switch and also have a separate internet router connected to a firewall and then to the same 4510R switch.

MPLS is used to connect to our datacenter and all internet traffic goes through the firewall to the internet circuit.

I would like to create an IPSec VPN tunnel between this office and the datacenter using the firewalls through the Internet circuit in case the MPLS circuit fails.

How do I configure the Cisco 4510R to failover between the two routes?

We are using OSPF on this switch and BGP over the MPLS network.

1 Solution
Jody Lemoine, Network Architect, commented:
If all of your Internet traffic is going to the firewalls anyway, it's a fairly simple matter.

Just create an IPsec tunnel between the two firewalls for the networks at each office. If the MPLS VPN connection fails, the 4510R will stop receiving the routes for the remote sites. When this happens, the only route it will have left, assuming you haven't null-routed anything, will be the default route to the Internet firewall. When the firewall gets traffic for the remote site, it will encapsulate it in the IPsec tunnel and it will be sent to the remote site. No configuration on the 4510R required.

This, of course, makes a few assumptions about your configuration. Let me know if you think anything in your particular configuration will pose a problem.
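The failover described in the answer above is ordinary longest-prefix matching. As an added example (not part of the original thread; the prefixes, next-hop names and function names are constructed for illustration), this models the 4510R's routing table to show datacenter traffic shifting to the firewall once the MPLS-learned route is withdrawn, and being discarded instead if a covering null route exists:

```python
import ipaddress

# Constructed sample prefixes; the thread does not give real addressing.
DEFAULT = ipaddress.ip_network("0.0.0.0/0")        # default route toward the Internet firewall
DATACENTER = ipaddress.ip_network("10.20.0.0/16")  # remote site prefix learned via BGP over MPLS
SUMMARY = ipaddress.ip_network("10.0.0.0/8")       # hypothetical static summary pointing at Null0


def build_rib(mpls_up, null_summary=False):
    """Return the switch's routes as (prefix, next_hop, source) tuples."""
    rib = [(DEFAULT, "firewall", "default route")]
    if mpls_up:
        # Present only while the MPLS/BGP session is advertising the remote site.
        rib.append((DATACENTER, "mpls-router", "BGP via MPLS"))
    if null_summary:
        # The case the answer warns about: a discard route covering the remote site.
        rib.append((SUMMARY, "Null0", "static discard"))
    return rib


def lookup(rib, dst):
    """Longest-prefix match; returns the winning route tuple or None."""
    addr = ipaddress.ip_address(dst)
    matches = [route for route in rib if addr in route[0]]
    return max(matches, key=lambda route: route[0].prefixlen, default=None)


def next_hop(dst, mpls_up, null_summary=False):
    """Next hop chosen for dst under the given link and configuration state."""
    route = lookup(build_rib(mpls_up, null_summary), dst)
    return route[1] if route else None


if __name__ == "__main__":
    dc_host = "10.20.5.10"  # constructed datacenter host
    for null_summary in (False, True):
        for mpls_up in (True, False):
            hop = next_hop(dc_host, mpls_up, null_summary)
            print(f"null_summary={null_summary!s:5} mpls_up={mpls_up!s:5} -> {hop}")
```

With the null route present, the /8 is more specific than the default, so the firewall never sees the traffic and the IPsec tunnel is never used during an MPLS outage.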
