How can I know if the site-to-site VPN tunnel is working
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||||||||
|
Posted by on July 10, 2008, 11:16 am
Please log in for more thread options I have a network topology as the following: 1. Two Cisco 2800 routers, 2. A private line between these two routers, and they are running EIGRP 3. Each Router has ASA Firewall and the firewall connecting to the internet through a broadband line 5. A site-to-site VPN is built up between these two firewalls 6. How can I know if the site-to-site VPN tunnel is working if no traffic goes through it, since it is the backup link for the private line ? Is tunnel self fire to keep the site-to-site up ? Thanks so much in advance | |||||||||||||
|
Posted by PacketU on July 10, 2008, 9:49 pm
Please log in for more thread options You need to send some traffic through it. If averything is in parallel, you can simply do some host routes on each end from pc's to test, or change the gw on a pc on each end to point to the firewall instead of the router. | |||||||||||||
|
Posted by Uli Link on July 11, 2008, 5:27 am
Please log in for more thread options bensonlei@yahoo.com.hk schrieb:
> Hi,
> > I have a network topology as the following: > > 1. Two Cisco 2800 routers, > 2. A private line between these two routers, and they are running > EIGRP > 3. Each Router has ASA Firewall and the firewall connecting to the > internet through > a broadband line > 5. A site-to-site VPN is built up between these two firewalls > 6. How can I know if the site-to-site VPN tunnel is working if no > traffic goes through it, since it is the backup link for the private > line ? Is tunnel self fire to keep the site-to-site up ? > ip sla track and perhaps floating static routes are the magic commands. Set a static route through the VPN tunnel with a higher metric than the EIGRP learned route through the leased line. So if the EIGRP route goes down, the traffic will automagically routed through the VPN tunnel. If your tunnel use tunnel interfaces you can also watch the up/down state of the tunnel interfaces and run EIGRP over the VPN link too. -- Uli | |||||||||||||
|
Posted by vicky on July 16, 2008, 8:11 am
Please log in for more thread options Hello
Please access my share web file link --- http://vikrantpandey.diinoweb.com/files/ and please see my query which is in the vlan case1.jpg file. Thanks in advance Vikrant | |||||||||||||
| Similar Threads | Posted |
| VPN tunnel not working | January 7, 2008, 4:49 am |
| How can I know if the site-to-site VPN tunnel is working | July 10, 2008, 11:16 am |
| Call transfer full consult is not working properly, blind transfer is working instead | October 8, 2008, 8:04 pm |
| GRE Tunnel up/up Cannot ping tunnel interface | March 6, 2006, 3:55 pm |
| sh cdp n not working | September 1, 2005, 9:31 am |
| VPN working | October 7, 2005, 4:17 am |
| PBR not working | March 9, 2006, 3:02 pm |
| NAT/PAT not working in PIX 515 | April 27, 2006, 10:45 pm |
| QoS not working | February 26, 2007, 12:43 pm |
| PAT not working :-( | March 8, 2007, 3:38 pm |
| NTP not working? | April 4, 2007, 5:10 pm |
| PAT not working | April 9, 2007, 4:16 am |
| Help, FTP thru ASA not working | July 4, 2007, 6:04 pm |
| Cisco SDM is not working | July 11, 2005, 8:07 am |
| SSH stops working | July 17, 2005, 10:14 pm |
>
> I have a network topology as the following:
>
> 1. Two Cisco 2800 routers,
> 2. A private line between these two routers, and they are running
> EIGRP
> 3. Each Router has ASA Firewall and the firewall connecting to the
> internet through
> a broadband line
> 5. A site-to-site VPN is built up between these two firewalls
> 6. How can I know if the site-to-site VPN tunnel is working if no
> traffic goes through it, since it is the backup link for the private
> line ? Is tunnel self fire to keep the site-to-site up ?
>
>
> Thanks so much in advance