Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
216
Views
0
Helpful
1
Replies

How to create the automatic switchover for VPN

irshad.saifi
Level 1
Level 1

‎12-20-2004 08:14 AM - edited ‎02-21-2020 01:30 PM

Hi I have created VPN on the router. Incase one service provider failure we manually switched over the VPN to another service provider like manually set crypto map from one interface to another.

Can we have some dynamic switchover and set the priority incase both VPN'S are running.

Will appreciate for all your valuable feedbacks.

Thanks

Irshad

Labels:
0 Helpful
1 Reply 1

ehirsel
Level 6
Level 6

‎12-20-2004 09:15 AM

In order to have a dyamic switchover, what you need to do is to run a dynamic routing protocol between your vpn gateway peers, along with modifying the crypto map to use a loopback interface (that loopback will be one of the networks/hosts advertised via the routing protocol). Assuming that you have both provider links up at the same time, you do this:

1. Create two loopback addresses, along with the two crypoto maps. Map1 and 2 will acutally be the same execpt Map 1 will use Looback1 and be used be applied on provider #1 inteface, while map2 will use Loopback2 and be applied on provider #2 interface. Run a routing protocol that hands out two different metrics for the loopback addresses, to allow the prioritization.

2. On the remote end, create one crypto map and allow it to have 2 peers, one for each head-end connection. It will have to also run a dynamic routing protocol to accept the advertisement from the head end.

Let me know if this helps. One thing I assume is that the remote end also has two provider interfaces, let me know if this is not the case.

0 Helpful
Customers Also Viewed These Support Documents