Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

1710 VPN Tunnel Failover

Can anyone confirm whether the 1710 can automatically failover and establish a VPN tunnel to another VPN endpoint at a different location if it detects its VPN Tunnel cannot be established to its headend device. The scenario is a 1710 to a 3000 series concentrator.

The 3002 devices provide this functionality and I was hoping the same was true for the 1700 VPN series.

New Member

Re: 1710 VPN Tunnel Failover

Yes, I think you can do it on a 1710 as well.

I assume that your primary is, backup is

crypto isakmp policy 20

encr 3des

authentication pre-share

group 2

crypto isakmp key sharedkey address

crypto isakmp key sharedkey address

crypto isakmp keepalive 10 20

! to keepalive when primiry site down and build up tunnel with backup site


crypto ipsec transform-set dsltest esp-3des esp-md5-hmac


crypto map test 10 ipsec-isakmp

set peer

set peer

set transform-set dsltest

match address 101

Best Regards,