I need to deploy Site to Site redundancy with remote site pix 501 and main site 5510's. I understand defining multiple peers in the crypto map. The following is straight from cisco doc.
"You can define multiple peers by using crypto maps to allow for redundancy. This configuration is also most useful for site-to-site VPNs. If one peer fails, there will still be a protected path. The peer that packets are actually sent to is determined by the last peer that the PIX Firewall heard from (received either traffic or a negotiation request from) for a given data flow. If the attempt fails with the first peer, IKE tries the next peer on the crypto map list."
Question is, do you also have to define separate isakmp statements for each peer as well?
isakmp key ******** address 1.1.1.1 netmask 255.255.255.255
isakmp key ******** address 2.2.2.2 netmask 255.255.255.255