Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
474
Views
5
Helpful
1
Replies

VPN Redundancy

Simon Young
Level 1
Level 1

‎11-03-2016 05:24 AM

I am looking for some ideas on how I might achieve VPN failover for my remote sites, specifically is this achievable and any guides on how it can be done

I am using Cisco 887 VA routers at remote sites

I am currently terminating all of the VPNs at a single DC

I have a second DC that I would like to use as a failover site in the event that the primary Internet connection fails in the praimry DC

Both DCs have non Cisco equipment terminating the VPNs

My DCs are linked via MPLS and I need the remote site subnets to be visible to the MPLS

Labels:
Preview file
14 KB
0 Helpful
1 Reply 1

Pablo
Cisco Employee
Cisco Employee

‎11-03-2016 12:27 PM

Hi Simon,

If you're working with the legacy crypto map configuration then you can implement the IPSec preferred peer option.

On the other hand, if your L2L tunnels are using SVTIs then you have two options, IP SLA tracking or based on a dynamic routing protocol adjacency over the tunnel interface.

HTH

Pablo

Customers Also Viewed These Support Documents