site-to-site VPN failover?

Unanswered Question
Dec 3rd, 2008

Is it possible to configure some type of automatic site-to-site VPN tunnel failover or standby? Scenario: I have 2 totally separate ASA-5540s at a central site, which have different circuits coming into them (hence, different outside IP addresses). If one of our remote sites(5510s and 5505s) that connects back to one of the 5540s fails, is there a way to configure an automatic failover site-to-site tunnel to the other 5540? Or is there some type of standby tunnel or something that can be configured?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
aarondailey Wed, 12/03/2008 - 08:42

In this scenario, can we still use static crypto maps at the head-end site? If the head-end is set crypto map answer-only, then it cannot initiate a tunnel to the remote site? It will only be active if interesting traffic is being pased?


This Discussion