I have a IPsec VPN Hub and Spoke topology with 3 Hub sites and 3 remote sites per hub site. All remote sites have to go through their hub site to talk any other remote sites or the other 2 hub sites. I need to enable ISDN backup from each remote site to their hub site in case the main line goes down.
1. Should I use tunnel interfaces to do this? Is it possible to set this scenario up without tunnel interfaces?
2. Is their a perfomance increase using tunnel interfaces?
3. Can anyone suggest a good monitoring tool for VPN setups?
You can set up redundant VPNs with and without GRE tunnels. However, doing it without GRE tunnels limits your choice of routing protocols to detect link down (BGP is the easiest). There is a brief white paper on my web site with example configurations using OSPF over GRE and BGP directly over IPsec. They should give you some ideas of what you can do and the tradeoffs involved.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...