Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
330
Views
0
Helpful
2
Replies

Backup VPN Tunnel on same firewall

Go to solution
sheldonscott
Level 1
Level 1

‎08-06-2009 07:31 AM

I have 2 VPN tunnels on the same pix firewall Ver 6.3(5)The tunnels goes to the same remote site. On the remote site there are 2 internet circuits a primary and a secondary. The primary circuit goes to one tunnel on my firewall and the secondary goes to another tunnel on my firewall that only comes up when the primary circuit goes down.

We are noticing that when the primary circuit goes down the backup tunnel on the pix firewall comes up but traffic stops flowing after a few minutes and I have to clear the crypto isakmp sa before traffic starts flowing again.

Am I missing something with my configurations when doing VPN's similar to these type of setup?

Labels:
Preview file
3 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sziaulla
Cisco Employee
Cisco Employee

‎08-06-2009 10:37 AM

you need to configure dpd on the tunnel so that once the primary tunnel goes down the PIX should clear the SA's for that tunnel.

now based on the code you have 6.3(5), keepalive functionality is not available

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/c.html#wp1034654

thanks

-Syed

View solution in original post

0 Helpful
2 Replies 2

Go to solution
sziaulla
Cisco Employee
Cisco Employee

‎08-06-2009 10:37 AM

you need to configure dpd on the tunnel so that once the primary tunnel goes down the PIX should clear the SA's for that tunnel.

now based on the code you have 6.3(5), keepalive functionality is not available

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/c.html#wp1034654

thanks

-Syed

0 Helpful

Go to solution
sheldonscott
Level 1
Level 1
In response to sziaulla

‎08-06-2009 11:11 AM

Thank you very much this was helpful.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents