XPost: comp.dcom.sys.nortel   
   From: jjm@magma.ca   
      
   Have you looked into 2 Routers doing VRRP to resolve this issue?   
      
      
    wrote in message   
   news:1178214784.411049.89720@y80g2000hsf.googlegroups.com...   
   > Hi everyone,   
   >   
   > We are currently migrating all of our remote store sites to Nortel   
   > Contivity 1100 routers (called 1100 VPN routers now I believe).   
   >   
   > At our head office and DRP site we have 1750's, which the 1100's will   
   > be connecting to via branch office tunnels.  We also have a 2208   
   > alteon (application switch) at each site which will be doing load   
   > balancing and failover between the head office and DRP site.   
   >   
   > All is fine with the current setup, we setup the 1100's to connect to   
   > vpn.domain.com (not real) for the destination of the tunnel and route   
   > all traffic down that tunnel.   
   >   
   > The problem we have now is, we have another ethernet interface in the   
   > 1100's we want to use as a backup interface incase the tunnel using   
   > the main line dies.  We have cellular routers that go over the HSDPA   
   > or EDGE networks we want to utilize on this secondary ethernet   
   > interface, only if the main line is down.   
   >   
   > First we tried using Demand with the trigger as ping, but the router   
   > will not allow us to use a DNS name for the destination address... so   
   > we do not want to just point to one address, incase that one address   
   > dies all of our stores would switch over to the backup interface.  If   
   > we could somehow ping our destination for our BOVPN it would be great   
   > (because our vpn.domain.com contains the addresses of both our sites).   
   >   
   > Interface groups would also be nice, which we have tried as well... in   
   > the interface group we added the two tunnels to both 1750's and setup   
   > the Demand trigger to use this group.  Now, when we disconnect the   
   > main line in testing, it switches over to the backup line and   
   > establishes the tunnel.  Problem with this is, now that the interface   
   > group is back up, because the tunnels are back online, the router   
   > tries to switch back over to the main line even though it is still   
   > down.  Then it notices the interface group has dropped once more   
   > (because the main line is still down) and switches to backup again -   
   > this loop continues until the main line is actually back up.   
   >   
   > I guess I am just looking for any recommendations on how we can   
   > possibly configure this to have complete redundancy at our remote   
   > sites.   
   >   
   > So, in review... we have a contivity 1100 at the remote sites with 2   
   > ethernet interfaces, both online. We want the main line (DSL)   
   > connected to a tunnel via a DNS name (vpn.domain.com - which has 2 ips   
   > of each of our 1750s at the head office and DRP site).   
   >   
   > Once the tunnel dies, we want to establish another tunnel with the   
   > secondary ethernet interface (cellular) and route all traffic through   
   > it, but only until the main line (DSL) has come back online.... at   
   > that point we would want the tunnel to re-establish using that   
   > interface.   
   >   
   > Any recommendations are greatly appreciated.   
   >   
   > Thank you.   
   >   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)