I have a customer that has requested a proposal to add redundancy to their network as part of a business continuity plan.
Currently their main office is connected to seven sales offices through a managed VPN provided by their parent company. Their parent company will not place a second line in each location in order to provide failover, so they are looking elsewhere.
The catch is that the managed VPN section of the network (that is, the routers and everything in between) cannot be changes or touched. It even may be impossible to get configurations of the routers involved.
I was toying around with the idea of placing a an extra line & router in each location, plus an additional routing device behind (that is, on the LAN side) the two internet/VPN facing routers, then possibly using tracking (cisco) to switch from one network to the other... but without knowing what is going on in the managed VPN in place, I am worried about routing etc.
They REALLY need to convince the parent company of the importance of the continuity plan so they will support the redundancy. Any other route (pun intended) will lead to many problems down the road. . .