cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3350
Views
0
Helpful
7
Replies

rv042+rv082+VPN+SMART link Backup

agera_cisco
Level 1
Level 1

Hello,

a have 1 rv082 in my head office, and 1 rv042 in each branches. They work in permanent vpn tunnels

So how i can configure it to bring WAN2 VPN in the same network when my WAN1 fails?

7 Replies 7

cchamorr
Level 5
Level 5

Well, this is what I understood from your post:

- You are suing Smart link backup

- You want that wan 2 Kicks in when wan 1 fails

- After wan 2 is active you want the tunnel to be up again.

If that is the case, you are in luck. The RV082 has a backup function for the VPN, but it has some limitations.

To activate this function, just go to the settings on the VPN tunnel that you have created for wan 1 and down at the bottom of the screen click on the Advnaced button. Now, you will see that one of the options is Tunnel backup, here you just need to enable it, and type in the IP address of the remote router. The only issue is that you can not use a Domain, it jas to be the exact IP address.

Now, make sure that you also enable Dead Peer Protection for this setting to work and don't forget to change the local interface to the backup wan.

Here is how it looks:

backup.JPG

Hope this helps

Hey team,

A great discussion this is.  As a FYI, here is the link to the admin guide for the RV082:

http://www.ciscosystems.com/en/US/docs/routers/csbr/rv082/administration/guide/RV082_V10_UG_D-WEB.pdf

Starting page 43 for the specifics as well as the good post you provided below! 

Best wishes to you both for a great weekend!

Andrew

hello,

Thanks for advice, it will help i think, but on my rv042 there is no such option, so backup chanel dont bring up because when i try to create second VPN connection for backup there is an error come - i cant create second connection with the same parameters in Security Groups. And there is no option for bkp connection.

rv042.jpg

Hello,

The rv042 cannot really failover between tunnel connections ... you need an rv082 for this auto failover.

Now, can you have a rv042 on one end and an rv082 on the other and still have failover?  I do not know as I have not tested it ... ;-(

It would probably be a fairly quick test though ... if you can, set up the rv082 completely and have the rv042 set up with two connections.  When you disconnect the primary connection on the rv042, does the 82 attempt the other connection?

HTH,

Andrew Lissitz

agera_cisco
Level 1
Level 1

rv082 is trying to connect when comunication on primary chanel is lost, BUT it trying to connect with the same parameters (local,remote sec groups).

rv042 bring up backup chanel (so intenet is working) BUT i cant configure VPN with the same opions as on primary chanel, so thay cant connect.

Hello,

I edited my above posting just a little ...

Yes, for tunnel back up and auto failover, the RV082 is the right choice.

Have you also considered traditional Cisco?  ASA5505, SR520, 800 series, 1811, etc ... a few products that can also do this.  If there are additional services, routing, etc ... then perhaps one of these would be a good choice to upgrade into.

Your thoughts?

Yes, thanks. I build fault tolerance infrastructure on Linksys RV082, but chanel switching is about 5 min.