I am looking for a way of IPSEC failover. I have several locations and clients, every location is using IPSEC tunnel configured of their own VPN concentrator to access each other's LAN network.
I need to configure failover for this, the way I was looking at is to configure backup tunnel for every tunnel on each concentrator. And I guess this is not possible as I didn't see any kind of backup configuration facility in VPN concentrator.
It will be easy to have backup configured as easy as on routers âbackup interfaceâ which does failover on primary link failure. But all of my VPNs are on concentrators and it doesn't have any backup mechanism. Plus I need to consider routing changes.
All of the sites have only one internet connection, so the VPN tunnel backup doesn't make any sense in case of failure of sites own internet link, though it will work if other site's internet link is down as it will shift to some other site.
Any idea about this, have anyone configured this kind of scenario?
Thanks, Let me know any additional details required to discuss this topic.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...