06-09-2004 11:52 AM - edited 02-20-2020 11:27 PM
Is it possible to dynamically re-route via a backup peer2peer VPN to a different site (device) than the original peer in the event that the primary peer2peer VPN goes down?
Or does this mean changing the access-list / crypto map to a different peer manually in the event of a VPN failure?
The two remote sites have a backend network running dynamic routing protocols.
Thanks in advance.
06-10-2004 09:50 AM
You can code a 2nd peer address in the existing crypto map entry (at least with IOS and PIX), along with configuring ISAKMP keepalive to detect when one peer drops off. When interesting traffic happens, the IPsec SAs and ISAKMP SAs should get renegotiated between the new peers.
The newer Cisco IOS code, 12.3, has the ability to tie crypto maps to HSRP addresses too.
This will work as long as each peer has reachability to the other end.
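The setup described in the reply above, as an added IOS configuration sketch that is not part of the original thread. All addresses (documentation ranges), names, the ACL number, the interface and the key placeholder are assumptions, and the policy and transform-set values assume a current IOS release rather than 12.3.

```cisco
! Constructed example: every address, name and key below is a placeholder.
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
!
! One pre-shared key per peer; both the primary and the backup need an entry.
crypto isakmp key <PRESHARED-KEY-1> address 192.0.2.1
crypto isakmp key <PRESHARED-KEY-2> address 198.51.100.1
!
! Send a keepalive every 10 seconds, retry every 3 seconds if no reply,
! so a dead peer is detected and its SAs are torn down.
crypto isakmp keepalive 10 3
!
crypto ipsec transform-set TS-AES esp-aes 256 esp-sha256-hmac
!
! Interesting traffic: local LAN to the remote networks behind either peer.
access-list 110 permit ip 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255
!
crypto map VPN-MAP 10 ipsec-isakmp
 ! Primary peer first, backup peer (different site) second.
 set peer 192.0.2.1
 set peer 198.51.100.1
 set transform-set TS-AES
 match address 110
!
interface GigabitEthernet0/0
 crypto map VPN-MAP
```

Each remote peer needs a matching policy, key and mirrored access list, and `show crypto isakmp sa` shows which peer currently holds the tunnel.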
06-10-2004 01:42 PM
Hello,
Since I have a similar question, please let me ask you further.
Does this mean, as long as the 1st peer is up, the 2nd peer will not be up?
If so, this could be the exact solution for me.
06-11-2004 01:16 AM
Yes, that is what I am looking for; both peers for me are at different locations.