Basic query on backup servers list for RA VPN servers.
with the command: backup-servers <server list/keep-client-config> options..
Lets say if I have the ASA to push backup servers to RA client when connects. What happens second time when the cleint tries to connect and primary server is not available..? Does the client tries to look for backup server IP pushed during the first time or the backup server list will be pushed everytime client tries to connect..?
In general what is recomended..? Any security related issues if we roll the clients with backup server and on primary use 'Keep-client-config'
Re: Query on Backup server listing for RA VPN servers
To configure backup servers, use the backup-servers command in group-policy configuration mode. To remove a backup server, use the no form of this command. To remove the backup-servers attribute from the running configuration, use the no form of this command without arguments. This enables inheritance of a value for backup-servers from another group policy.IPSec backup servers let a VPN client connect to the central site when the primary security appliance is unavailable. When you configure backup servers, the security appliance pushes the server list to the client as the IPSec tunnel is established.
keep-client-config - Specifies that the security appliance sends no backup server information to the client. The client uses its own backup server list, if configured.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :