Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Redundant Tunnels

I would like if possible to configure this scenerio.

I have remote sites with PIX 506 s connecting to a cisco 2801 router with VPN AIM. This is working correctly. Now i have also a second 2801 for redundancy purposes. If i set the pix up with a second peer address of the 2801 #2 ISAKMP phase 1 completes successfully and i get 2 tunnels formed on the PIX . However a proper ipsec sa does not get generated for the second connection.

What i would like is to essentially load balance the traffic across the 2 vpn routers from the pix. I can accomplish this without a problem from the router side using equal cost routing but on the pix only one of them is allowed to be active at a time in an ipsec sa standpoint.

Is there something i am missing or is it not possible

1 REPLY
Silver

Re: Redundant Tunnels

I think this is possible as PIX can also exchange routes with dynamic protocols like OSPF.

127
Views
2
Helpful
1
Replies
CreatePlease to create content