Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
212
Views
0
Helpful
1
Replies

HSRP IPSec running at two sites possible?

mikeleecha
Level 1
Level 1

‎12-16-2005 01:27 PM - edited ‎02-21-2020 02:09 PM

Hello. The documentation that I've read on HA IPSec utilizing HSRP shows a headend site utilizing two routers running HSRP and the branch office running one router.

I was wondering if you can run IPSec in HA mode utilzing HSRP at both the headend and remote locations? So instead of the headend site having a set peer address of the physical interface of the branch router I would point it to the HSRP IP at the branch office.

I've tried this and it doesn't seem to work. Even though the branch office is setup with IPSec in HA mode the HSRP primary router still uses the physical interface IP when it initiates the tunnel.

Thanks

Labels:
0 Helpful
1 Reply 1

Not applicable

‎12-22-2005 11:23 AM

HSRP is designed to provide high network availability by routing IP traffic from hosts on Ethernet networks without relying on the availability of any single router. By providing network redundancy for IP networks, user traffic immediately and transparently recovers from first hop failures in network edge devices or access circuits.

It requires a broadcast network.

http://www.cisco.com/en/US/products/ps6550/products_white_paper09186a0080116d4c.shtml

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents