1. Home
  2. Cisco Systems
  3. How can I know if the site-to-site VPN tunnel is working

How can I know if the site-to-site VPN tunnel is working

Hi,

I have a network topology as the following:

  1. Two Cisco 2800 routers,
  2. A private line between these two routers, and they are running EIGRP
  3. Each Router has ASA Firewall and the firewall connecting to the internet through a broadband line
  4. A site-to-site VPN is built up between these two firewalls
  5. How can I know if the site-to-site VPN tunnel is working if no traffic goes through it, since it is the backup link for the private line ? Is tunnel self fire to keep the site-to-site up ?

Thanks so much in advance

Reply to
bensonlei
Loading thread data ...

You need to send some traffic through it. If averything is in parallel, you can simply do some host routes on each end from pc's to test, or change the gw on a pc on each end to point to the firewall instead of the router.

Reply to
PacketU

snipped-for-privacy@yahoo.com.hk schrieb:

ip sla track

and perhaps floating static routes

are the magic commands.

Set a static route through the VPN tunnel with a higher metric than the EIGRP learned route through the leased line. So if the EIGRP route goes down, the traffic will automagically routed through the VPN tunnel.

If your tunnel use tunnel interfaces you can also watch the up/down state of the tunnel interfaces and run EIGRP over the VPN link too.

Reply to
Uli Link

Hello

Please access my share web file link ---

formatting link

and please see my query which is in the vlan case1.jpg file.

Thanks in advance

Vikrant

Reply to
vicky

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.