We are in the process of adding an additional ISP to our corporate network. When we do so the ASA we use will connect with our WAN sites (Cisco 2811's and I know we need to upgrade!) with the current NAT'd IP (220.127.116.11 for this question) and also the new one (18.104.22.168). I need to know a way to add the additional ISP Ip into our WAN site routers so it will accept either the existing IP or the new one. Here is our WAN site router current setup....
The suggestion from Edison is the classic way to define a second tunnel on the 2811 router. And it works very well as long as the two tunnels go to separate destinations. But if I read your posts correctly it is the same single 2811 as source going to the same ASA as destination. In that case I do not believe that two separate tunnels will work. There is a way to have two peer statements within the same instance of the crypto map and I believe that is what you need for the 2811. The config might look something like this:
It is my understanding that if you configure what I have suggested with two peer statements in one instance of the crypto map that the router will build one tunnel (not two) and that it will try the first peer address. If the first peer address works then the tunnel comes up. If there is a problem with the first peer address then the router tries the second peer address. So in effect it gives you a fail over mechanism.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...