I am not sure if this question belongs here but figured a good place to start. We are looking into using VPN Lan-to-Lan tunnels to backup our T-1s to our remote locations. I am in that santiy check / configuration phase in regards to the big picture plan. I am planning to use the second ethernet interface on the routers to configure the Lan-to-LAN link back to our corporate concentrators. Current questions / concerns ...
1) Should I monitor the T-1 and only build the tunnel at useage time or better to have the tunnel always up and rely on say routing metrics to move the traffic?
2) Most facilites currently must ride the T-1 to get out to the internet but I do have a couple that have their own PIX. Is the best option to bypass the PIX with a cable or try to tunnel through the PIX?
3) Can anyone point us to any configuration samples / documentation for using LAN-to-LAN as a backup?
when u gonna configure lan to lan u must define access-list that represent the interesting trafic to be tunneled
so if u have a routing lets say u have a default or static route goes over ur T1 link wich is by default has AD of 0
only after creating and configuring ur vpn
creat another static route point to ur remote prive network and the gateway is the remote peer IP address and CHANGE THE DEFAULT AD OF THIS STATIC ROUTE TO NUMBER HIGHER THAN THE PRIMERY ONE (IF U USE OSPF MAKE HIGHER THAN 110, IF U R USING STATIC MAKE HIGHER THAN 0)
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :