04-06-2010 01:46 PM
I have a Cisco 871 setup as a VPN client to a third-party’s VPN server. For business reasons this VPN connection is critical and must stay up continuously. We are about to send off our server/router setup to a hosting center across the country and want to enable high availability for this VPN connection. I have researched the HSRP and even enabled it on two 871’s with matching configurations and the high availability works great. The internal interface fails over from the primary to the secondary router with no problem. However, the problem is the VPN; since we can only connect to the VPN server once, I need some mechanism to automatically disable the primary router’s VPN connection and enable the secondary router’s VPN connection.
I have found documentation on setting up failover using HSRP for VPN servers, but I’ve found no examples doing what we are trying to do.
Any help would be greatly appreciated.
Thanks,
John
04-06-2010 02:13 PM
Oops, posted the wrong info...:-)
04-06-2010 02:18 PM
There are few examples of complex IPSec failover. There is a great book on this topic though-
Hope it helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide