Cisco 5505 - routing traffic to outside interface, if VPN tunnel is down

- P
- Personne
  
  Contact options for registered users
posted
14 years ago

Wed, Sep 30, 2009 4:49 PM

Hi,

The subject is not very clear, but let me explain what I would like to try to achieve.

Because of content filtering purpose I redirect all the traffic from our branches to our HQ through a VPN tunnel. This is working well, but I need a kind of disaster recovery plan, in case my HQ goes down. Indeed, by redirecting all my traffic to my HQ, if my HQ goes down the VPN will go down and then my branch offices won't even be able to go to the Internet.

What I would like to do is: If the VPN tunnel is up between Site A and the HQ, then redirect all traffic to the HQ if the VPN tunnel is down, then route traffic to the outside interface, and allow my user at least to access the Internet

Thanks for your help

Loading thread data ...

- U
- Uli Link
  
  Contact options for registered users
Vote on answer
posted
14 years ago

Wed, Sep 30, 2009 5:05 PM

Personne schrieb:

A floating static route with higher metric (200 for e.g.) than the route through the VPN tunnel may do the job if your route to the HQ is learned via routing protocol.

Don't know if the ASA also can track objects for static routes.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.