Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
446
Views
0
Helpful
1
Replies

VPN Failover Configuration

jonjondmjr
Level 1
Level 1

‎09-22-2010 02:37 AM

Hi there,

Kindly help on how to configure a scenario that requires a VPN to failover to another VPN connection if the primary link is down. Here's the case, we have two router, Router A on the HQ and Router B on the the branch site. Both of the routers A and B has Dual ISP or multi-homed. I need to configure the two routers with both their ISP's to be used for VPN tunnel. VPN tunnels were destined to the same network on the private side of each of the router. The setup will be Router A's link 1 connected to Router B's link 1 and Router A's link 2 connected to Router B's link 2 via VPN and vice versa. This must be done to achieved a redundant VPN connection that will auto failover in case a VPN link is down. Any sample config would be appreciated.

Thanks,

Jonjon

Labels:
0 Helpful
1 Reply 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎09-22-2010 03:03 AM

Jonjon,

The two sites are supposed to establish VPN  similar to lan to lan?

If so have you given a though to SVTI or SVTI-DVTI configuration?

It pretty much depends  how it's configured and how much you're willing to change it. Starting with routing.

Multihomed site can run DVTI of a loopback and branch can run two SVTI tunnels to the DVTI (running routing protocol to choose one)


Marcin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents