Redundant VPN Peer

rsoave
Level 1

Hi,

I would like to know which configuration I have to do to accomplish this task:

I have a router with a Frame Relay link, and an Internet link as backup with VPN.

When the Frame Relay link goes down, my VPN is established and the traffic goes to this link.

My question is: if on the other side I had two VPN peers, and I want to try to connect to peer A but it is not available, how do I configure my remote site to try to establish a VPN connection with Site B automatically?

Cisco links with this solution or configuration tips are welcome.

Thanks!!

3 Replies

sachinraja
Level 9

Hello rsoave,

Please let us know the following:

1) Is the Internet link on the same router as the FR link or on a different router? If on different routers, are you running any dynamic routing protocol between them?

2) I hope the traffic through the FR is also through an IPsec tunnel and there is a backup IPsec tunnel through the Internet, and I hope that the peers are the same for both FR and Internet. Correct me if I'm wrong.

3) I didn't get your other side setup. Does it also have backup VPN peers, or two different peers to different destinations?

All the best !!

1) The Internet link is on a different router. I am running HSRP between the routers; the router with the FR link is the active one, and the router with the VPN link is the standby. Between my routers' networks, we are running the EIGRP protocol.

2) The IPsec tunnel will only be active when the FR link goes down, HSRP tracking decrements the number of the active router, and the standby router becomes the active one.

3) On the other side, I intend to install two VPN peers, belonging to the same internal network but with different providers to the external network. Suppose that link A is down: my router will try to connect to link A but fails, so it tries to connect to link B and succeeds. This is all that I want.

Attached is the drawing of the network.

Thanks for your help.

Hi rsoave,

Since all three routers are in the same LAN, you can configure these three routers at the main site in HSRP groups. Give the following priorities:

Frame relay router - 110

Peer A internet router - 105

Peer B internet router - 100

This will put the traffic from the main site server onto the FR router and then onto the peer A router, and if both this FR link and the peer A link are down, it will then put the traffic onto the Peer B router. Routing will happen like this.

On the remote site, the standby router will have 2 crypto peers, to peer A and B. Since HSRP is running on the remote site, it will put the traffic on the Internet links if the FR link is down.

There will be 2 crypto maps on the remote site, so that if one crypto peer is unreachable, it tries the second one. The first crypto map on the list will take precedence, so configure Peer A's public IP as the first peer.

All other configurations (IKE policy, interesting traffic, transform-set, etc.) will be common for both ISPs.
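
One way to express the ordered peer list described above on the remote-site standby router, as an added example that is not part of any reply in this thread. It uses a single crypto map entry with two `set peer` lines, which IOS tries in the order listed; the addresses (documentation ranges), names, key placeholders, interface and cipher choices are all assumptions.

```cisco
! Added example, not from the thread. Every address, name and key is a placeholder.
! Assumed: 192.0.2.1    = Peer A public IP
!          198.51.100.1 = Peer B public IP
!          10.1.0.0/24  = remote-site LAN, 10.0.0.0/24 = main-site LAN
!
! IKE policy, common to both peers (algorithm choices are assumptions).
crypto isakmp policy 10
 encr aes 256
 hash sha
 authentication pre-share
 group 14
!
! One pre-shared key per peer, so one key can be rotated without touching the other.
crypto isakmp key <PSK-PEER-A> address 192.0.2.1
crypto isakmp key <PSK-PEER-B> address 198.51.100.1
!
! Dead peer detection: keepalive every 10 s, retry every 3 s.
! Without it, a silent Peer A is only noticed when the SA lifetime expires.
crypto isakmp keepalive 10 3
!
crypto ipsec transform-set TS-BACKUP esp-aes 256 esp-sha-hmac
!
! Interesting traffic, identical for both peers.
ip access-list extended VPN-TRAFFIC
 permit ip 10.1.0.0 0.0.0.255 10.0.0.0 0.0.0.255
!
! Peers are tried top to bottom: Peer A first, Peer B if A does not answer.
crypto map BACKUP-VPN 10 ipsec-isakmp
 set peer 192.0.2.1
 set peer 198.51.100.1
 set transform-set TS-BACKUP
 match address VPN-TRAFFIC
!
! Internet-facing interface of the standby router (interface name is a placeholder).
interface Serial0/1
 crypto map BACKUP-VPN
```

After a failover, `show crypto isakmp sa` and `show crypto ipsec sa` show which of the two peers the tunnel is currently built to.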