Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

VPN Concentrator 3005 - multiple peers

Hey Guys,

I trying to setup l2l failover and my 3005 in one end can't do multiple peers unless is configured as originate-only.

My other end, an 1841, has 2 ISPs. Basically what I need is this site to always have l2l connectivity to the VPN 3005 side even if ISP1 is down.

Traffic will always be originating from this 1841 branch office, so this is the reason I don't want to make the 3005 originate-only, unless anyone can tell me how to "force" the 3005 to bring up the tunnel in the event that the 1841 side ISP1 goes down and their ISP2 becomes the active one?

What's the best way to accomplish this?

Is there any keep-alive I can setup in the 3005 to always have it ping the 1841 side?



Re: VPN Concentrator 3005 - multiple peers

You can configure only one LAN-to-LAN connection with each VPN Concentrator (or other secure gateway) peer. You must configure identical basic IPSec parameters on both VPN Concentrators and configure mirror-image private network addresses or network lists.


Re: VPN Concentrator 3005 - multiple peers

configure a vpn group on the 3005 and then configure ezvpn client on the remote site to automatically come up. make the remote site network extension mode and allow network extension mode on the 3005.

ez enough?

CreatePlease to create content