×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

site to site VPN peer ip address for failover

Unanswered Question
Karsten Iwen Wed, 12/18/2013 - 02:46
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 Firewalling, VPN

You are probably not talking about an ASA-FO-system? There you don't need to configure two peers as the ip address will move to the secondary ASA when the primary fails.


If the two peers are individual boxes, then you can specify two peers in the "set peer" statement of your crypto map. If you use Pre-Shared-Keys, then you also have to configure a second tunnel-group for the backup-peer.



-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Actions

This Discussion