Re: HSRP Track VPN - Page 2

anthony.baker · ‎09-08-2009

Hey guys,

I have two 6500's with FWSM's. The 6500's have a VPN connection from each to a PIX for VPN between two sites.

The route out of the FWSM is the HSRP of the two 6500's so while both connections are up there's no problem. However, if one VPN connection goes down then although the other one is there it isn't used because the traffic is still sent to the other switch. The problem is that sometimes the VPN connection goes but the actual interface is still up.

Is there any way for me to get HSRP to track the VPN connection or a better way of doing things?

Cheers,

Anthony

anthony.baker · ‎10-01-2009

Hey,

From your mail I figured the command was a global one so I've been trying the following and this is what I see:

testsw1(config)#ip s?

sap scp security slb source

source-route ssh sticky-arp subnet-zero

Am I missing something?

Thanks,

Anthony

Jon Marshall · ‎10-01-2009

Anthony

Just out of interest could you post output of

testsw1(config)# ip r?

Jon

anthony.baker · ‎10-01-2009

ok, no probs:

testsw1(config)#ip r?

radius rcmd reflexive-list route rsvp

rtcp rtp

Anthony

Jon Marshall · ‎10-01-2009

Anthony

SXF supports rtr which is the predecessor of ip sla and supports most of the functionality -

http://www.cisco.com/en/US/docs/ios/ipsla/command/reference/sla_03.html#wp1023731

If you actually want to use IP SLA you need to look at 12.2SXH but then you also need to make sure SXH still supports all your other needed features.

Jon

anthony.baker · ‎10-01-2009

ok, thanks - I'll update the IOS and let you know how it goes...

Cheers for the help!

Anthony