04-04-2008 07:41 AM - edited 03-11-2019 05:27 AM
I am wanting redundancy in a site to site VPN. The central site has a reliable high speed link to the Internet. At the remote site I am looking at either dual PIXs, each going to a separate ISP or an ASA with dual links to separate providers. If I use two PIXs only one would be on at any one time.
Can I at the central site specify two remote peers to the same internal network at the remote site? If that is possible, how long would it take to detect a dead peer and send to the other?
04-07-2008 11:45 PM
Ok,
You want to create aback up L2L connection,
So just add in the crypto map the ip address of PIX-2
(Central site)
crypto map mymap VPN
set peer 1.1.1.1 ------ PIX1
set peer 1.1.1.2 ------PIX2
So the VPN tunnel will use the first ip in the crypto map .if the first ip failed (detecting via DPD) the ASA will use the second IP.
Thanks,
Tariq
04-08-2008 12:30 PM
Thanks. I will try it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide