cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
182
Views
5
Helpful
1
Replies
Simon Young
Beginner

VPN Redundancy

I am looking for some ideas on how I might achieve VPN failover for my remote sites, specifically is this achievable and any guides on how it can be done

I am using Cisco 887 VA routers at remote sites

I am currently terminating all of the VPNs at a single DC

I have a second DC that I would like to use as a failover site in the event that the primary Internet connection fails in the praimry DC

Both DCs have non Cisco equipment terminating the VPNs

My DCs are linked via MPLS and I need the remote site subnets to be visible to the MPLS

1 REPLY 1
Pablo
Cisco Employee

Hi Simon,

If you're working with the legacy crypto map configuration then you can implement the IPSec preferred peer option.

On the other hand, if your L2L tunnels are using SVTIs then you have two options, IP SLA tracking or based on a dynamic routing protocol adjacency over the tunnel interface.

HTH

Pablo

Content for Community-Ad