I have a Cisco 871 setup as a VPN client to a third-party’s VPN server.For business reasons this VPN connection is critical and must stay up continuously.We are about to send off our server/router setup to a hosting center across the country and want to enable high availability for this VPN connection.I have researched the HSRP and even enabled it on two 871’s with matching configurations and the high availability works great.The internal interface fails over from the primary to the secondary router with no problem.However, the problem is the VPN; since we can only connect to the VPN server once, I need some mechanism to automatically disable the primary router’s VPN connection and enable the secondary router’s VPN connection.
I have found documentation on setting up failover using HSRP for VPN servers, but I’ve found no examples doing what we are trying to do.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...