Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

site to site VPN

Hi, Everyone:

I have setup a vpn with a customer, they have a single site and we have 2 sites.

so vpn is setup as following

customer site to our site 1

customer site to our site 2

their source address will reach our one destiantion address.

crypto access-list source and destination are same from our both sites

is that possible we could setup active-active VPN for both sites?

2 REPLIES
Hall of Fame Super Silver

Re: site to site VPN

Mike

Without knowing a few more details it is difficult to give precise answers. In general it should be possible to set up VPN from the customer site to both of your sites that would be up and active to both at the same time (I think that is what you are describing as the desired outcome - if not please clarify).

I am not clear what you mean when you say: "their source address will reach our one destiantion address". If there is some reason why their address can not reach your second site address then it will not be possible to have an active VPN to that site. But why would they have access to one site and not to the other site?.

Also as far as this statement: "crypto access-list source and destination are same from our both sites " you would need different crypto access lists at each of your sites if each site was to have its own VPN to the customer.

HTH

Rick

New Member

Re: site to site VPN

Hi, Rick:

Thanks for your quick reply, what I means as following:

they from 10.100.0.0/24 and they want to access one ip addresses, 10.240.240.240, we have backbone circuits, we could route between two data centers, in case of the VPN device failed in one of our data center, traffic could still reach the destination via the other VPN device.

how you could have different crypto access-list?

thx

92
Views
0
Helpful
2
Replies