cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1361
Views
0
Helpful
9
Replies

Redundant routers with IPSEC failover

jasonww04
Level 1
Level 1

For the failover between routers I plan to use HSRP:

####### Router 1 #######

interface FastEthernet0/0

ip address 151.4.0.21 255.255.255.0

standby 1 ip 151.4.0.20

standby 1 priority 120

standby 1 preempt

######## Router 2########

interface FastEthernet0/0

ip address 64.232.113.10 255.255.255.0

standby 1 ip 151.4.0.20

standby 1 priority 110

standby 1 preempt

Each router is connected to the internet via different ISPs. Router 1 has ISP A and router 2 has ISP B. I plan on using an IPSEC site-to-site VPN. How do I configure each router so when router 1 fails, router 2 will not only pick up all outgoing LAN traffic via HSRP, but also create the site-to-site VPN?

9 Replies 9

Istvan Matyasovszki
Cisco Employee
Cisco Employee

Hi,

The following document provides the description on a possible solution :

Configuring HSRP with IPsec

http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_vpn_ha_enhance_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1056265

Hope this helps

Best regards

Istvan