PIX peer redunancy

Unanswered Question
Feb 18th, 2009

Hi ,

We are using pix 515E with IOS version 6.3 3 with the serial failover

From the PIX we have established a VPN to our head office which as the two ISP connected

in this condition we already have VPN but in case of the primary ISP down we have failover in the VPN

In router we will option that for the same crypto map we can have two set peer address

so is there any way to do the same in the PIX since i have studied some Dead peer deduction

can anyone help me in this

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
robertson.michael Wed, 02/18/2009 - 12:51

Hi Vinoth,

I'm not sure exactly what you are trying to do, but below are some links which hopefully will help. Also, I do not believe Dead Peer Detection was added until 7.x, so this would not be available to you in 6.3(3).

Site-to-Site VPN Configuration Examples:

http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/sit2site.html

'crypto map' Command Reference (where the peer is set):

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/c.html#wp1034654

If these documents do not answer your questions, please try to clarify and we will be glad to help.

-Mike

Actions

This Discussion