Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1233
Views
0
Helpful
3
Replies

Load Balancing Concentrator

sykhoo
Level 1
Level 1

‎02-24-2003 10:52 PM - edited ‎02-20-2020 10:34 PM

Hi,

I'm currently deploying 2 x 3030 for a customer doing load balancing. Since both are of the same model, I set the priority for both boxes to 10 as advised in the documentation. However, when I tried to test the setup by shutting down the master, the slave did not take over(The documentation did mention that it should take over). I keep on getting this message :

182 02/24/2003 21:42:45.170 SEV=4 IP/5 RPT=5

Client Static ARP delete of <IP address of VPN> failed for Interface 2.

Couldnt' find anything that can explain this on CCO. Could someone help?

The documentation also did not mention what will happen to existing connections should one of the devices fail. Anybody any idea?

Most of all, is there a documentation that list all log messages and give ample explanation on them?

0 Helpful
3 Replies 3

gfullage
Cisco Employee
Cisco Employee

‎02-27-2003 03:57 PM

Do you have IPSec configured under the load-balancing section? If so, try turning that off and see if it works better. If it does, then we can turn it back on, but go under the Configuration/System/Tunneling protocols/IPSEC/IKE proposals and activate the proposal "IKE-3DES-MD5" on both boxes, or at least check that it is active.

If either device fails, then all users will be disconnected and have to reconnect. They don't have to change anything in their client, they just hit Connect and the load balancing will make sure that everyone connects into the only active concentrator.

As for the documentation, this is coming, a lot of customers have asked for this. Converting all the error messages into HTML format will take a while though, but it is being done as time permits.

0 Helpful

sykhoo
Level 1
Level 1
In response to gfullage

‎03-03-2003 08:03 PM

Hi gfullage,

thanks for the reply.

Just another question : Now that we know that load balancing does not failover active remote access connection to the remaining boxes and that users have to reconnect again, I would like to know if VRRP will be able to do it.

That is, if instead of load balancing, VRRP is configured, do users have to reconnect again should the existing Concentrator that they are connecting to fails.

0 Helpful

engel
Level 2
Level 2
In response to sykhoo

‎03-26-2003 03:49 AM

VRRP will not failover active connection to the backup device. Client has to re-connect again. This is the same with load-balancing. Currently VPN3000 does not able to do "statefull VPN failover".

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card