It’s been an amazing week. With some invaluable help from DiGi engineers, I investigated and tested the a working VRRP backup pair of Cisco and DiGi routers to route to the DC over VPN (GRE over IPsec). I managed to set up a VPN hub (Cisco) with a branch spoke (Cisco), and then I set up a DiGi router, connected it to a branch switch and set up a VRRP pair between the branch Cisco router and the branch DiGi router. Finally, I set up a backup VPN tunnel to the VPN hub in the DC. The only workaround is that because DiGi doesn’t do EIGRP, i had to set up an OSPF neighborship over the tunnel to DiGi, and then on the hub redistribute the OSPF routes from the spokes into the main EIGRP process.
What does it mean:
- you can save quite a lot of money because a second Cisco router would cost much more than a DiGi does.
- DiGi does LTE much better than Cisco (it has two SIM slots for redundancy!)
- VRRP allows you to have 24×7 operations in case main Cisco fails because of the redundant tunnel on DiGi
- you can run Python scripts on DiGi to execute configurations conditionally
I still need to do more learning because DiGi CLI commands are a bit… well… non-intuitive to say the least, but at least I can get it up and running. In the next update I will include a working configuration on DiGi and Cisco.