Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Changing S2S VPN tunnel endpoint

Hi CSC'ers,

For DR purposes, we have two VPN tunnel endpoints on different ISP's at our head-end office. At our branch office, we have an ASA. I am wondering if for the purpose of re-pointing the tunnel from the branch to the DR endpoint at the head-end, it's as easy as:

no crypto map <map-name> <seq-num> set peer <ip_address_1>

crypto map <map-name> <seq-num> set peer <ip_address_2>

Where <ip_address_1> is the regular production endpoint, and <ip_address_2> is the DR endpoint.

Or is there any other command that I need to run to make the tunnel re-point take effect?

(Yes, I know I can have multiple peers set on a crypto map set peer, but we have reasons that we don't want to do that.)

Thanks,

Will

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Changing S2S VPN tunnel endpoint

Will,

I dont know what DR means, but if what you want to do is just to change the peer for the VPN tunnel, then yes that is all you need to do

Let me know if you have any other questions.

Mike

Mike
1 REPLY
Cisco Employee

Changing S2S VPN tunnel endpoint

Will,

I dont know what DR means, but if what you want to do is just to change the peer for the VPN tunnel, then yes that is all you need to do

Let me know if you have any other questions.

Mike

Mike
397
Views
0
Helpful
1
Replies
CreatePlease to create content