From: Guyler, Rik (rguyler@shp-dayton.org)
Date: Wed Apr 05 2006 - 10:28:30 GMT-3
I currently have a 3660 router that terminates nearly 25 vendor VPN tunnels.
These tunnels are considered mission critical to our hospital operations and
so an outage of much duration would be a hardship. Even with a 4-hour
SmartNet it could take several hours to get this back up and running.
I'm looking at various redundant setups so I could lose this router and
still maintain connectivity. Here are the options I have considered so far
in order of preference:
1) add a second router and setup HSRP/VRRP on both the inside and outside
interfaces and terminate the tunnels to the virtual address on the outside.
2) setup a pair of ASA5500s and setup failover
3) setup a second router and build secondary tunnels to each vendor
I like the sound of number one the best but not sure if it will work. I'll
lab it up to verify that unless somebody can say for sure it won't work. I
really don't want to move over to the ASA boxes...I just love VPN on
routers. Secondary tunnels would require a lot of work and time so that's
really the last option.
Does anybody know of any other possible solutions to throw in the mix? Even
some outrageous ideas might be fun to try and who knows...might just work.
I'm open to any ideas or suggestions at this point!
Thanks!
Rik
This archive was generated by hypermail 2.1.4 : Mon May 01 2006 - 11:41:56 GMT-3