Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
455
Views
0
Helpful
2
Replies

Redundant VPN Configuration

froggy3132000
Level 3
Level 3

‎10-08-2005 05:13 PM - edited ‎02-21-2020 02:01 PM

I currently have a 3725 with 30+ tunnels, there are 837's on the remote ends. For about 10 of the tunnels I want to build another tunnel to an ASA, so that if one goes down the other one passes the traffic. Trying to figure out if I can just add the most preffered one with a lower crypto map?

Labels:
0 Helpful
2 Replies 2

jackko
Level 7
Level 7

‎10-08-2005 07:25 PM

when you configure lan-lan vpn on 837, it is possible to configure more than one peer for redundancy.

e.g.

crypto map mymap 10 ipsec-isakmp

set peer

set peer

set transform-set myset

match address 100

0 Helpful

apavlikova
Level 1
Level 1
In response to jackko

‎06-09-2006 12:19 AM

Hi,

I've configured my devices as you describe.

But what is behaviour like with setting two peers?

That scenario is working in case the tunnel is going to be established (837 will try vpn peer 1 and if there's no response, it will try the vpn peer 2).

But once the tunnel is established to the first peer and and that peer will fall down, 837 router will not inicialize new vpn connection to second peer. Or am I wrong?

Thanks.

0 Helpful
Customers Also Viewed These Support Documents