для Cisco Cisco 1800 2800 3800 Series 4-Port Async Sync Serial High-Speed WIC
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 30 of 63
7. Site-to-Site IPsec VPN
The enterprise world is a mix of different industries with their unique requirements. The goal of the enterprise
network is to transfer information reliably and securely between two or more endpoints. This section discusses
commonly deployed methods in enterprise networks to achieve this goal. Most enterprise networks use common
features such as encryption, tunneling, dynamic routing, and policy-based routing. Depending on the scale and
manageability of an enterprise network, different techniques and methods are used to design the enterprise
networks.
Most enterprises use some type of encryption when they pass information across the WAN between sites. The
IPsec connectivity between the branch office and the central office. The branch-office router has DSL as a wired
primary connection and 4G LTE as a backup WAN. The site-to-site IPsec is configured over both WAN transports.
Object tracking is used to achieve primary-to-backup failover.
Figure 7. Network Topology for Site to IPsec over 4G as Backup
Configuration of Branch-Office Router
!
ip dhcp excluded-address 10.4.0.254
!
ip dhcp pool lte
network 10.4.0.0 255.255.0.0
dns-server 66.209.10.201 66.102.163.231
default-router 10.4.0.254
!
chat-script lte "" "AT!CALL1" TIMEOUT 20 "OK"
!
track 234 ip sla 1 rechability