Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
459
Views
10
Helpful
3
Replies

Redundancy connection in site to site VPN

Go to solution
rituporna111
Level 1
Level 1

‎03-22-2016 12:29 AM

Hi All,

We have a requirement of setting redundancy between two 2900 cisco routers.

Router 1(1.1.1.1)--------------------------------------------------(3.3.3.3) 

              (2.2.2.2)--------------------------------------------------   Router 2

The scenario is from Router 1 we have 2 ISP ie in 2 interfaces we have configured 2 IPs(1.1.1.1 & 2.2.2.2).

In router 2 we have only 1 ISP (3.3.3.3)

Site to site VPN is already configured between Router 1 and router 2 between IPs 1.1.1.1 and 3.3.3.3.Now the requirement is to have 2 ISP in router1.

Default route is configured in both the routers for individual ISP. So if required I can configure another default route with higher priority for secondary link in router 1.

So is it possible to configure 2 peer ips in router 2 ?

I had checked in internet but unable to find any configuration on cisco router(i am getting configuration in ASA firewall) 

The commands to set two peer which I found in internet in ASA is -  Crypto map outside_map 10 set peer 1.1.1.1 2.2.2.2 is not supported in my router.

Can you please help me to find the command to configure 2 peers in router 2.

Thanks and Regards,

Rituporna Sama

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee
In response to rituporna111

‎03-22-2016 02:00 AM

Hi Rituporna,

Yes you need the isakmp key for both the peers.

Also the set peer remotepeer that is first in the list will act as a primary peer.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

View solution in original post

3 Replies 3

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee

‎03-22-2016 12:46 AM

Hi,

Under the crypto map config you should have the option of using two set peers:

Router(config)#crypto map AllPeersCryptoMap 1 ipsec-isakmp

Router(config-crypto-map)#set peer RemotePeer1-IP

Router(config-crypto-map)#set peer RemotePeer2-IP

Router(config-crypto-map)#set peer RemotePeer3-IP

Regards,

Aditya

Please rate helpful posts.

Go to solution
rituporna111
Level 1
Level 1
In response to Aditya Ganjoo

‎03-22-2016 01:58 AM

Thanks a lot Aditya.

I have 1 doubt in this set peer command which peer will be primary?

Here we have to create two same crypto isakmp key for 2 different peers?

crypto isakmp key cisco address remotepeer1

crypto isakmp key cisco address remotepeer2

Thanks and Regards,

Rituporna Sarma

0 Helpful

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee
In response to rituporna111

‎03-22-2016 02:00 AM

Hi Rituporna,

Yes you need the isakmp key for both the peers.

Also the set peer remotepeer that is first in the list will act as a primary peer.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

Customers Also Viewed These Support Documents