Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
440
Views
5
Helpful
2
Replies

Force VPN tunnel change after commutation

Marcos F
Level 1
Level 1

‎12-13-2021 12:18 PM

Its there any posibilitie to force the VPN tunnel change after a commutation to DR VPN get back to Main VPN on B2B VPN static


I have this issue: when Main VPN is down the DR VPN turns up, but i want to switch over again to Main VPN when is UP i already have an IP SLA & Track on this route but still cant have the switch to Main VPN when its stable again

Labels:
2 Replies 2

Rob Ingram
VIP
VIP

‎12-14-2021 12:21 AM - edited ‎12-14-2021 12:24 AM

@Marcos F are you using a policy based VPN on ASA? If so the ASA connects to the first peer, if that fails it connects to the second (backup) peer. It will only reconnect to the first (primary) peer if the second peer fails.

 

Instead of using a policy based VPN, you could use a route based VPN and use a routing protocol with a metric to prioritise the route to the primary site. If the primary site fails, the FW will a backup route to the DR site. When the primary site is active again, the tunnel will be established and the routes with a higher priority will take precedence, routing traffic over the primary VPN again.

0 Helpful

MHM Cisco World
VIP
VIP

‎12-19-2021 02:33 PM

follow

0 Helpful
Customers Also Viewed These Support Documents