[Pjotr]

Currently, 20 branch offices are connected to the main office via IPSec VPN links. All branch offices are hooked up to the Internet by a cable modem. Most traffic going over the VPN links is coming from RDP sessions and print jobs.

This setup works well, but sometimes the cable Internet connections go down. Usually this is due to problems in the cable network. We would like to use a backup or redundant VPN connection over another WAN link, preferably ADSL (cost wise) in case the main connection of the branch offices goes down.

The current routers at the branch offices are becoming EOL and need to be replaced. What routers can I use as replacements that support backup VPN links?

I've looked at 851's and 857's and they seem a good choice. The 851 can be connected to the cable modem and when the cable connection goes down the 851 could use the 857 as a backup default gateway. But I'm probably being too naive here because were using VPN links which cannot be easily rebuild in a failover situation. The servers at our main office would have a problem with responding to right default gateway. (Hope this makes sense...)

Has someone created a similar setup or knows how to build one?

Any feedback on creating a VPN failover setup is greatly appreciated!