LANCOM Support Knowledgebase
Document No. 1103.2114.0826.RHOO - V2.30
RIP between two routers in a VRRP group
The document describes how VPN connections from multiple branch offices can be accepted at the main office with redundant equipment.
LANtools as of version 9 (
download latest version
LCOS as of version 9 (
download latest version
Multiple branch offices (e.g. with LANCOM 178x) are to be distributed between 2 VPN gateways with redundant equipment (e.g. LANCOM 8011).
For example, a total of 10 VPN tunnels should be distributed between 2 LANCOM 9100+ (5 tunnels each). Furthermore, a backup in case of any failure of the hardware or Internet connection should be available.
This scenario can be implemented with the use of
rotocol) and RIP (
1) On both LANCOMs at the main office, all VPN connections have to be set up accordingly. For the VPN configuration at the branch offices, enter the VPN gateway that should be contacted in normal operation (
LANconfig -> VPN -> General -> VPN connection list
). The alternative VPN gateway is entered for the appropriate VPN connection in
LANconfig -> VPN -> General -> Further remote gateways
2) At the main office, VRRP is configured on the two LANCOM devices.
(LANconfig -> IP router -> VRRP)
two virtual routers.
There, you first set a checkmark on
Propose internal services on the virtual IPs
3) Now click on the the button
and create the required VRRP routers. The IP addresses
entered here are to be replaced with free IP addresses in your network.
Please note that, for the second LANCOM router, the entries for main priority must be reversed.
4) In order to enable the VRRP routers to use RIP to communicate with one another, navigate to
Routing protocols -> RIP -> RIP networks...
, select the network in use and set the option
5) In order to enable communication by RIP, the routing table in each of the two LANCOMs must be configured with the routes to the branch-office devices. In this example, the first VRRP router in normal operation handles the route to
and the second router handles the connection to
. Configure the routing rules as they are shown in the figures below:
Routing rule for Office 1:
Routing rule for Office 2:
The routing table must then contain the following entries:
As the last change, you must define one of the two virtual routers created as the default gateway for IP addressing on the DHCP server of your network. However, it is recommended to configure the two LANCOM routers as a DHCP server for the LAN, since this allows you to distribute both virtual VRRP IP addresses in the LAN and thus also achieve a load distribution in the LAN. The fact that both DHCP servers are on and assign the virtual address as a gateway, which is respectively master, results in a statistical distribution of the clients on one of the two routers.
On both devices, enable the DHCP server under
IPv4 -> DHCPv4 -> DHCP networks
. To avoid duplication, it is absolutely necessary that you
set the check box for DHCP clusters
Catchwords: vrrp; rip; backup; hardware failure
Please review this document!
This document was helpful
This document was