Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

VPN Failover

I have two PIX515E running 7.1(2). I'm having a hard time finding details or config examples for VPN failover. Simply put, when the failover happens, I want my remote users and remote site IPSec tunnels to fail with it and have nobody skip a beat.

1 REPLY

Re: VPN Failover

I suggest you to have a look at the Admin guide .. there is achpater about configuring fail over. Make sure you configured LAN failover and also state ful failover.

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008054c4b7.html

Basically on the Primary PIX you need :

failover

failover lan unit primary

failover lan interface failover

failover replication http

failover link failover

failover interface ip failover 10.10.10.9 255.255.255.252 standby 10.10.10.10

On the secondary failover you need:

failover

failover lan unit secondary

failover lan interface failover

failover interface ip failover 10.10.10.9 255.255.255.252 standby 10.10.10.10

NOTE: You can also use the optional command failover key to encrypt communication between the PIXes. This is recommended when your PIX is terminating VPN tunnels as the the usernames, passwords, shared keys ..etc will replicate on clear text otherwise.

I hope it helps .. please rate if it does !!!

105
Views
0
Helpful
1
Replies
CreatePlease to create content