If your using static routing, cant you just use a floating static route pointing to Tunnel B? Or your could track an interface / route and it will use your second static route should tunnel A go down.
(You could also set up HSRP (Depending on your setup)... SNAT if you are NATing and the NAT translations will switch over automatically.) Or if your really adventurous, you could set up PfR / OER :) ... Or even an EEM script!
If its the same traffic just using a different route, the same ACL should work fine.
I think the hardest part is deciding what will work for you as there are a bunch of different options to choose from.
Hope that helps a little.
On Aug 19, 2010, at 1:19 AM, groupstudy wrote:
> Guys,
>
> Any ideas?
>
> Rick
>
> On Wed, Aug 18, 2010 at 3:59 PM, groupstudy <groupstudy_at_gmail.com> wrote:
>
>> Hi Everyone,
>>
>> Quick question. I have two vpn tunnels and i have a static route that
>> points to my internet default gateway IP Address.
>>
>> I want to use tunnel A as the primary and tunnel B and secondary.
>>
>> i think it would use the sequence number and pick the first tunnel that had
>> the matching ACL to encrypt traffic, but if that tunnel went down would it
>> then move on to the next tunnel that could accept this traffic (similar
>> ACL).
>>
>> Thanks,
>> Rick
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Thu Aug 19 2010 - 06:49:03 ART
This archive was generated by hypermail 2.2.0 : Wed Sep 01 2010 - 11:20:52 ART