How can I know if the site-to-site VPN tunnel is working

How can I know if the site-to-site VPN tunnel is working
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
How can I know if the site-to-site VPN tunnel is working bensonlei 07-10-2008
Posted by on July 10, 2008, 11:16 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi,

I have a network topology as the following:

1. Two Cisco 2800 routers,
2. A private line between these two routers, and they are running
EIGRP
3. Each Router has ASA Firewall and the firewall connecting to the
internet through
a broadband line
5. A site-to-site VPN is built up between these two firewalls
6. How can I know if the site-to-site VPN tunnel is working if no
traffic goes through it, since it is the backup link for the private
line ? Is tunnel self fire to keep the site-to-site up ?


Thanks so much in advance

Network Magic 20% Off NMEASY coupon code spring banner 468x60
Posted by PacketU on July 10, 2008, 9:49 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> Hi,
>
> I have a network topology as the following:
>
> 1. Two Cisco 2800 routers,
> 2. A private line between these two routers, and they are running
> EIGRP
> 3. Each Router has ASA Firewall and the firewall connecting to the
> internet through
> a broadband line
> 5. A site-to-site VPN is built up between these two firewalls
> 6. How can I know if the site-to-site VPN tunnel is working if no
> traffic goes through it, since it is the backup link for the private
> line ? Is tunnel self fire to keep the site-to-site up ?
>
>
> Thanks so much in advance

You need to send some traffic through it. If averything is in parallel, you
can simply do some host routes on each end from pc's to test, or change the
gw on a pc on each end to point to the firewall instead of the router.



Posted by Uli Link on July 11, 2008, 5:27 am
If you were  Registered and logged in, you could reply and use other advanced thread options
bensonlei@yahoo.com.hk schrieb:
> Hi,
>
> I have a network topology as the following:
>
> 1. Two Cisco 2800 routers,
> 2. A private line between these two routers, and they are running
> EIGRP
> 3. Each Router has ASA Firewall and the firewall connecting to the
> internet through
> a broadband line
> 5. A site-to-site VPN is built up between these two firewalls
> 6. How can I know if the site-to-site VPN tunnel is working if no
> traffic goes through it, since it is the backup link for the private
> line ? Is tunnel self fire to keep the site-to-site up ?
>

ip sla
track

and perhaps floating static routes

are the magic commands.

Set a static route through the VPN tunnel with a higher metric than the
EIGRP learned route through the leased line. So if the EIGRP route goes
down, the traffic will automagically routed through the VPN tunnel.

If your tunnel use tunnel interfaces you can also watch the up/down
state of the tunnel interfaces and run EIGRP over the VPN link too.

--
Uli

Posted by vicky on July 16, 2008, 8:11 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello

Please access my share web file link ---


http://vikrantpandey.diinoweb.com/files/


and please see my query which is in the vlan case1.jpg file.


Thanks in advance


Vikrant



Similar ThreadsPosted
VPN tunnel not working January 7, 2008, 4:49 am
Call transfer full consult is not working properly, blind transfer is working instead October 8, 2008, 8:04 pm
One IPsec tunnel and no ISAKMP tunnel. December 29, 2004, 8:54 pm
GRE Tunnel up/up Cannot ping tunnel interface March 6, 2006, 3:55 pm
Ipsec tunnel with in another tunnel November 16, 2005, 7:07 pm
if CEF is working ? [ was T1 x 2] April 21, 2005, 10:20 am
sh cdp n not working September 1, 2005, 6:31 am
VPN working October 7, 2005, 10:17 am
PBR not working March 9, 2006, 3:02 pm
NAT/PAT not working in PIX 515 April 27, 2006, 10:45 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map