Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN Connectivity for Primary and DR sites

We have IPSec VPN connectivity to our clients as our primary link and now we are also planing to setup DR over VPN however I cant figure out how to configure client site routers, because of financial issues we have to use the same router on client site for production and DR. We do not run any routing protocol with client (all Static).

The issues I have

1) how to setup 2 separate tunnels on the same routers for the same traffic (source and destination will remain same)

2) The DR tunnel should not come up as long as the primary connection is good.

1 REPLY
Gold

Re: VPN Connectivity for Primary and DR sites

providing the business requirements above, one way is to setup a secondary vpn peer on the router.

e.g.

crypto map vpnmap 10 ipsec-isakmp

set peer 10.0.0.1

set peer 192.168.1.1

set transform-set vpnset

match address 100

with the sample above, the router will always try establishing a vpn with 10.0.0.1. the router will try 192.168.1.1 if and only if 10.0.0.1 fails.

86
Views
0
Helpful
1
Replies
CreatePlease to create content