Thursday, 6 August 2009

IPSec Tunnel..with a difference Part 2

Another Part2 ! This one you seen alot in production enviroments and that is "Floating Statics" or as I like to call them "Backup Floaters" :)

Here is the lab:



As we have already tackled most of the config here I wont waste your time by going through it again.

Therefore the configuration below is only concerned with the ISDN link.

BB2:

isdn switch-type basic-ni
!
interface BRI0/0
ip address 192.168.2.2 255.255.255.0
encapsulation hdlc
dialer map ip 192.168.2.1 broadcast 21
dialer-group 1
isdn switch-type basic-ni
isdn point-to-point-setup
!
ip route 0.0.0.0 0.0.0.0 192.168.2.1 200 name BackupFloater


Core:

interface BRI0/0
ip address 192.168.2.1 255.255.255.0
dialer map ip 192.168.2.2 broadcast 11
dialer-group 1
isdn switch-type basic-ni
!
ip route 0.0.0.0 0.0.0.0 192.168.2.2 200 name BackupFloater



Then as R1 does not know about the 192.168.2.0 network:
R1

ip route 0.0.0.0 0.0.0.0 192.168.4.2 200 name BackupFloater



Done!

Notes:
I set the AD to 200 so that if in the future a dynamic routing protocol is used the default static floater will not get in the way.
The ISDN connection here does not use any sort of authentication, if that is important to you and it should be in production! look here

No comments: