Multiple Tunnels for an endpoint router?

Unanswered Question
Mar 12th, 2007

We had a firewall failure over the weekend which crippled a remote site. We have a VPN concentrator at another main site and we were wondering if we could use this for a "backup" tunnel for the remote site (the primary line is a tunnel to a separate main site - a router-to-router VPN). Can you have multiple cryptomaps on 1 interface (at the remote)? How could you force traffic down the primary and only use the secondary tunnel for backup (the primary tunnel is GRE with static routes, the VPN concentrator does participate in our OSPF network)? Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Kamal Malhotra Mon, 03/12/2007 - 17:30

Hi,

My understanding is that the remote site had a regular IPSEC VPN with the firewall at the main site which went down. If this is true then you can go ahead and configure the LAN-LAN tunnel on the concentrator using the same policies and add another peer (concentrator's IP) in the same crypto map on the remote end device.

Please do this only if my understanding is correct else let me know.

HTH,

Please rate if it helps,

Regards,

Kamal

lhoyle Wed, 03/14/2007 - 06:25

Kamal,

Yes, your understanding is correct. Thank you very much for the insight.

Lee

Actions

This Discussion