vpn question

Unanswered Question
May 17th, 2007
User Badges:

Hi,

i would like configure HSRP stateful failover on vpn spa module in two Chassis(Active/stanby) on cisco 7600 with dual wan connection(w1 ,w2).

i have to create two port-vlan and interface-vlan , but i don't know how configure HSRP on interface-vlan.

i found only following link about configure HSRP on one interface vlan.


http://www.cisco.com/en/US/products/hw/routers/ps368/module_installation_and_configuration_guides_chapter09186a00806c1d16.html

please help me,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
thomas.chen Wed, 05/23/2007 - 07:42
User Badges:
  • Silver, 250 points or more

HSRP is to provide redundancy to all Vlan interfaces, basically HSRP will work becasue we will share the same Virtual ip address,

we can have only one device as Active (in Normal HSRP config).

So, what you need to is to configure Vlan interfaces with a totally differnet ip address as the Virtual ip, for instance, you said the current default gateway is 10.2.2.1 (on vlan 1) this ip address will be the HSRP Virtual ip. So it means, we will need to configure Switch 1 with 10.2.2.2 (for example) and Switch 2 with 10.2.2.3 (for example), the config for HSRP should look as:


Switch 1 (ACTIVE)


config t

interface vlan 1

ip address 10.2.2.2 255.255.0.0

standby 1 priority 105

standby 1 preempt

standby 1 ip 10.2.2.1

end

----------------------------------------

Switch 2 (STANDBY)


config t

interface vlan 1

ip address 10.2.2.3 255.255.0.0

standby 1 priority 100

standby 1 preempt

standby 1 ip 10.2.2.1


Refer this link:

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12114ea1/3550scg/swhsrp.htm#1044126

judd_alberts Sun, 05/27/2007 - 13:25
User Badges:

Hi, thomas


But we have two WAN connection (w1,w2).

my idea , we must define two port-vlan and two interface vlan,

http://www.cisco.com/en/US/products/hw/routers/ps368/module_installation_and_configuration_guides_chapter09186a00806c29b1.html


for example :

Port VLAN 501 and port VLAN 502 are the port VLANs that are associated with the router outside ports W1 and W2.


Interface VLAN 1 and interface VLAN 2 are the interface VLANs that correspond to port VLAN 501 and port VLAN 502.


So,we must configure two HSRP group for two Interface VLAN 1, Interface VLAN 2,


Switch 1 (ACTIVE)


config t

interface vlan 1

ip address 10.2.2.2 255.255.0.0

standby 1 priority 105

standby 1 preempt

standby 1 ip 10.2.2.1

end

Switch 1 (ACTIVE)


config t

interface vlan 2

ip address 10.2.3.2 255.255.0.0

standby 1 priority 105

standby 1 preempt

standby 1 ip 10.2.3.1

end

-----------------------------


Switch 2 (STANDBY)


config t

interface vlan 1

ip address 10.2.2.3 255.255.0.0

standby 1 priority 100

standby 1 preempt

standby 1 ip 10.2.2.1

end

Switch 2 (STANDBY)


config t

interface vlan 2

ip address 10.2.3.3 255.255.0.0

standby 1 priority 100

standby 1 preempt

standby 1 ip 10.2.3.1

end


Thanks your advice,

Actions

This Discussion