Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Migrating from one VPN concentrator to 2 in a load-balancing coniguration

I have one production VPN concentrator with some users defined locally and some defined on a ACS server.

I would like to migrate to a load-balancing configuration with a second VPN concentrator but I must keep the users and groups defined locally on the first VPN concentrator.

Any help would be greatly appreciated.

4 REPLIES
New Member

Re: Migrating from one VPN concentrator to 2 in a load-balancing

I implemented load balancing last year. I've had to manually synchronize the configs. Honestly, there have been some problems with getting configs out of synch.

New Member

Re: Migrating from one VPN concentrator to 2 in a load-balancing

Hi,

Thank You for Your quick response.

Could You please tell me about authentication and authorization with external RADIUS server. Are there any problems when differnt users from the same group (with the same address pool) are connected to different devices from the cluster.

New Member

Re: Migrating from one VPN concentrator to 2 in a load-balancing

I only use authentication, not authorization, from an ACS server. I maintain the groups internally on the concentrators, and have to manually synch them. I have to mainatain separate address pools for each concentrator. Separate internal address pools worked,and then I migrated to separate DHCP pools and that worked ok also. Think of each device as still independently separate, just sharing an external IP. Once connected, the user is locked onto the same concentrator for the duration of the connection.

New Member

Re: Migrating from one VPN concentrator to 2 in a load-balancing

Thank You very much for Your help. You will use my external RADIUS and I will tell You about the results.

Best Regards,

Lora

294
Views
0
Helpful
4
Replies
CreatePlease to create content