Dual Site-to-site VPN links

Unanswered Question
Apr 4th, 2008
User Badges:

I am wanting redundancy in a site to site VPN. The central site has a reliable high speed link to the Internet. At the remote site I am looking at either dual PIXs, each going to a separate ISP or an ASA with dual links to separate providers. If I use two PIXs only one would be on at any one time.


Can I at the central site specify two remote peers to the same internal network at the remote site? If that is possible, how long would it take to detect a dead peer and send to the other?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
tabdulla Mon, 04/07/2008 - 23:45
User Badges:

Ok,

You want to create aback up L2L connection,

So just add in the crypto map the ip address of PIX-2

(Central site)

crypto map mymap VPN

set peer 1.1.1.1 ------ PIX1

set peer 1.1.1.2 ------PIX2



So the VPN tunnel will use the first ip in the crypto map .if the first ip failed (detecting via DPD) the ASA will use the second IP.


Thanks,

Tariq


Actions

This Discussion