rv042+rv082+VPN+SMART link Backup

Unanswered Question
Feb 16th, 2010
User Badges:

Hello,

a have 1 rv082 in my head office, and 1 rv042 in each branches. They work in permanent vpn tunnels

So how i can configure it to bring WAN2 VPN in the same network when my WAN1 fails?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cchamorr Fri, 02/19/2010 - 14:32
User Badges:
  • Silver, 250 points or more

Well, this is what I understood from your post:


- You are suing Smart link backup

- You want that wan 2 Kicks in when wan 1 fails

- After wan 2 is active you want the tunnel to be up again.


If that is the case, you are in luck. The RV082 has a backup function for the VPN, but it has some limitations.


To activate this function, just go to the settings on the VPN tunnel that you have created for wan 1 and down at the bottom of the screen click on the Advnaced button. Now, you will see that one of the options is Tunnel backup, here you just need to enable it, and type in the IP address of the remote router. The only issue is that you can not use a Domain, it jas to be the exact IP address.


Now, make sure that you also enable Dead Peer Protection for this setting to work and don't forget to change the local interface to the backup wan.


Here is how it looks:


backup.JPG


Hope this helps

agera_cisco Sat, 02/20/2010 - 20:39
User Badges:

hello,

Thanks for advice, it will help i think, but on my rv042 there is no such option, so backup chanel dont bring up because when i try to create second VPN connection for backup there is an error come - i cant create second connection with the same parameters in Security Groups. And there is no option for bkp connection.

rv042.jpg

alissitz Mon, 02/22/2010 - 20:37
User Badges:
  • Silver, 250 points or more

Hello,


The rv042 cannot really failover between tunnel connections ... you need an rv082 for this auto failover.


Now, can you have a rv042 on one end and an rv082 on the other and still have failover?  I do not know as I have not tested it ... ;-(


It would probably be a fairly quick test though ... if you can, set up the rv082 completely and have the rv042 set up with two connections.  When you disconnect the primary connection on the rv042, does the 82 attempt the other connection?


HTH,


Andrew Lissitz

agera_cisco Tue, 02/23/2010 - 00:31
User Badges:

rv082 is trying to connect when comunication on primary chanel is lost, BUT it trying to connect with the same parameters (local,remote sec groups).

rv042 bring up backup chanel (so intenet is working) BUT i cant configure VPN with the same opions as on primary chanel, so thay cant connect.

alissitz Tue, 02/23/2010 - 06:26
User Badges:
  • Silver, 250 points or more

Hello,


I edited my above posting just a little ...


Yes, for tunnel back up and auto failover, the RV082 is the right choice.


Have you also considered traditional Cisco?  ASA5505, SR520, 800 series, 1811, etc ... a few products that can also do this.  If there are additional services, routing, etc ... then perhaps one of these would be a good choice to upgrade into.


Your thoughts?

agera_cisco Thu, 07/28/2011 - 08:35
User Badges:

Yes, thanks. I build fault tolerance infrastructure on Linksys RV082, but chanel switching is about 5 min.

Actions

This Discussion