Virtual Private Networks: Why doesn't anyone respond to my query?

Posted by apsolar on May 25, 2006, 7:51 pm
Hello Gurus,

I am a networking newbie, working on a project to upgrade the current
VPN gateway in my company.
Here's the scenario:
I have a VPN gateway at a remote site which I will call C.
There are two VPN gateways, A and B, at my current site.
B is the main gateway and A is a backup in case B fails.
I have set up site-to-site tunnels on all these gateways with
appropriate security associations.
I am using the IPsec security profile.
C has tunnels to both A and B. The B tunnel has metric 0 and A has metric 1.
B has a tunnel to C and knows that its failover option is A.
I have tested the tunnels manually and they seem to work fine.
My question to you guys: currently I have set up a static route on the core
at the current site to route all traffic to C through VPN gateway B. In
case of B failing, I will have to manually change this route to go
through VPN A.
Is there a way by which I could automate this routing change?
I am using Shiva 3115 VPN gateways and they have an option to configure
OSPF.
Do I need to set up dynamic routing on the VPN gateways or on the main
core? And how?

Thank you in advance.
Ankit


Posted by Simon on May 26, 2006, 4:16 am
apsolar@gmail.com wrote:
> Hello Gurus,
>
> I am a networking newbie, working on a project to upgrade the current
> VPN gateway in my company.
> Here's the scenario:
> I have a VPN gateway at a remote site which I will call C.
> There are two VPN gateways, A and B, at my current site.
> B is the main gateway and A is a backup in case B fails.
> I have set up site-to-site tunnels on all these gateways with
> appropriate security associations.
> I am using the IPsec security profile.
> C has tunnels to both A and B. The B tunnel has metric 0 and A has metric 1.
> B has a tunnel to C and knows that its failover option is A.
> I have tested the tunnels manually and they seem to work fine.
> My question to you guys: currently I have set up a static route on the core
> at the current site to route all traffic to C through VPN gateway B. In
> case of B failing, I will have to manually change this route to go
> through VPN A.
> Is there a way by which I could automate this routing change?
> I am using Shiva 3115 VPN gateways and they have an option to configure
> OSPF.
> Do I need to set up dynamic routing on the VPN gateways or on the main
> core? And how?
>
> Thank you in advance.
> Ankit
>
I would have thought you would just enable OSPF on the 3 VPN gateways;
OSPF will then advertise the network at location C down both tunnels to
A and B. Make the OSPF cost higher on the link via A so that the tunnel
via B gets used. When the link between B and C goes down, the route will
disappear and the alternate route via A would get used. Whatever is the
default router at the central site would also need to be OSPF aware so
it learns these routes.
Simon
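
The failover behaviour described in the reply above, modelled as an added example that is not part of the original thread: a shortest-path (SPF) calculation from the central router before and after the B-C tunnel fails, compared with a static route pinned to B. The node name `core` and all link costs are constructed assumptions, and this is a simulation, not Shiva 3115 configuration.

```python
import heapq

# Constructed topology; costs are illustrative assumptions, not values from the thread.
LINKS = {
    ("core", "A"): 1,
    ("core", "B"): 1,
    ("B", "C"): 10,   # primary tunnel: lower OSPF cost
    ("A", "C"): 20,   # backup tunnel: higher OSPF cost
}

def build_graph(links, down=()):
    """Adjacency map of the links that are up; `down` lists failed links."""
    failed = {frozenset(link) for link in down}
    graph = {}
    for (u, v), cost in links.items():
        if frozenset((u, v)) in failed:
            continue  # a failed tunnel is no longer advertised
        graph.setdefault(u, {})[v] = cost
        graph.setdefault(v, {})[u] = cost
    return graph

def spf_next_hop(graph, src, dst):
    """Dijkstra, as a link-state router runs it: (next_hop, total_cost) or None."""
    heap = [(0, src, None)]
    seen = set()
    while heap:
        cost, node, first = heapq.heappop(heap)
        if node in seen:
            continue
        seen.add(node)
        if node == dst:
            return first, cost
        for nbr, link_cost in graph.get(node, {}).items():
            if nbr not in seen:
                heapq.heappush(heap, (cost + link_cost, nbr, first or nbr))
    return None  # destination unreachable

def static_route_delivers(graph, via, dst):
    """A static route keeps pointing at `via`; it works only while via-dst is up."""
    return dst in graph.get(via, {})

if __name__ == "__main__":
    for label, down in (("all up", []), ("B-C down", [("B", "C")])):
        g = build_graph(LINKS, down)
        print(label, "| OSPF-aware core:", spf_next_hop(g, "core", "C"),
              "| static via B delivers:", static_route_delivers(g, "B", "C"))
```

With the tunnel down, the OSPF-aware core moves to A on its own, while the static route still points at B and traffic to C is lost until someone changes it by hand.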
