Currently use Pix/ASA with site-to-site IPsec with GRE inside the IPSEC.
My gre tunnels use a single interface on the internal router and point to the firewall. Example of the rules in the pix are SiteA to SitB:
220.127.116.11 allowed to 192.168.100.1
Ospf is used to allow fail over between sites.
However I want to add an extra "tunnel" to one site and preserve the existing tunnel. Can I simple use new tunnel sources? SiteA and SiteB have several layer3 vlans on them.
I could easily use SiteA18.104.22.168 to SiteB 192.168.101.1 as my tunnel endpoints, along with the External IP's on the firewalls used to create the IPsec tunnel.
All the examples all show using a single interface as the tunnel source for all the GRE tunnels. I haven't seen any example where using multiple interface as the tunnel source.
Reason behind this madness is my new tunnel will have an OSPF bandwidth of 40meg. Want to keep my old tunnel & Pix/ASA rules to the same site from my old 1meg tunnel. This way if 40meg tunnel/circuit "dies" then they will go over the 1meg circuit.
I want to do it this way to keep the latency low. Have it fail over to another site could have latency go from 30 to over 100ms.
Yes, no? I hope this isn't a re-post. The original I submitted never posted.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :