We have several remote sites using PIX 501's back to cvpn 3015--works great. We would like to implemement a backup peer device in HQ on isp B (testing with just a PIX 501)...PIXs are default gateway for remote sites, and 3015 is in parallel with our firewall in HQ. We use static routes on an internal layer 3 switch to route through 3015 to remote sites. How would we be able to route internally to backup PIX (or concentrator if we get another)? I have an old 2500 I could use internally, if necessary, since the switch is non cisco and RIP / static routing is buggy on it.
Well...points just for replying--thanks a million. Looks good, but RRI will always show routes whether the tunnel is up or not, which won't help in this case. HSRP also won't apply in this case as we don't have an external router.
Nevertheless..I had given up hope for a reply, so I'm glad you did, and the info looks promising for future designs!
This looks fantastic and was exactly the concept I was looking for. I was scratching my head wondering why something like this didn't exist to do simple tests on whether an ip was up or down...looks relatively new(?) Too bad my 2500 won't run that level IOS with the memory it has, but I can always find something around here that will ;)
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :