11-16-2010 03:17 AM
Hello,
I have some doubts about the VRRP process in VPN concentrators.
1) The Group Shared Address (public and private) it's the same than the Real Ip Addresses of the Master, correct?
For example, if I have configured like this:
Master: public(10.10.10.1); private (20.20.20.1)
Backup: public(10.10.10.2); private (20.20.20.2)
The group shared address should be: public(10.10.10.1) and private(20.20.20.1), correct?
2) If I have already a VPN concentrator configured and I want to had another one for redundancy, and I mantain the same IP address than before for the master, I dont need to change nothing in the neighbours of the VPN concentrator, right?
3) If the Master goes down, the backup will take over the VPN connections, the users will still use the same IP address than before to connect by VPN. However if I want to access to the administration of the backup I should still access to the 20.20.20.2 correct?
Thank you.
Best regards,
Norberto
Solved! Go to Solution.
11-16-2010 11:28 PM
Yes, you are absolutely correct with all your 3 statements.
With your second question, if you would like to add another VPN Concentrator for redundancy, you can actually use the configuration of the other VPN Concentrator, and just change the ip address that you assign to the private and public interfaces so it's unique. All that needs to be the same is the group shared addresses, and also the role as a slave instead of master.
Here is more information on VRRP for your reference:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_tech_note09186a0080094490.shtml
Hope that helps.
11-16-2010 11:28 PM
Yes, you are absolutely correct with all your 3 statements.
With your second question, if you would like to add another VPN Concentrator for redundancy, you can actually use the configuration of the other VPN Concentrator, and just change the ip address that you assign to the private and public interfaces so it's unique. All that needs to be the same is the group shared addresses, and also the role as a slave instead of master.
Here is more information on VRRP for your reference:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_tech_note09186a0080094490.shtml
Hope that helps.
11-17-2010 01:48 AM
Hi Jennifer,
Thank you for your reply!
Best regards,
Norberto
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide