02-20-2019 09:48 PM
Hello,
I am trying to do IPSec site to site vpn between to sites that is Site A and site B as described in diagram.
Please assist how to deploy VPN in this secnario. Both site has virtual IP address of HSRP.
Do we need to create VPN parameters in both routers i.e Site A (R1 and R2) and Site B (R3 and R4).
Hoping for optimize and ideal solution for this scenario. Which routing protocol should be run as i have configured static route.
02-20-2019 11:40 PM
Hi,
I never tested this is in labor real life. Why are you configured HSRP on WAN interface? Is there any internal server published on the WAN?
As per my understanding, you required two VPN tunnels from each router. One VPN will be terminated from R1 to R3 and R1 to R4 and vice versa. You have to configure for same from R2 also. You can use IPSLA from monitoring routing for the VPN.
I am not sure a VPN group will help in this case. Let me try in a lab and will come back on tomorrow.
Regards,
Deepak Kumar
02-22-2019 01:14 AM
Hi Deepak,
Is there any issue with design consideration, please suggest. Or would it be possible to put R1 and R1 in HA ?
02-22-2019 08:12 AM
Hi,
My suggestions are below:
Configure Dual HUB DMVPN with IPSec protection setup and run the OSPF or EIGRP.
It is tested in my lab and will work.
Regards,
Deepak Kumar
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: