From: Ovais Iqbal (ovais.iqball@yahoo.com)
Date: Mon Oct 13 2008 - 01:31:46 ART
Hello all, i am deploying VPN in my environment but face this strange issue, but first look at my scenario.
I have 2 routers with 2 links to each other, 1 DSL and other Wimax. On both routers i have formed GRE tunnels lets name them tunnel 1 and tunnel 2. I am running ospf and have adjusted the cost such that tunnel 1 is primary and tunnel 2 is backup. so far everything is running fine. Now i want to deploy simple site to site vpn such that, when tunnel 1 is up VPN is formed between link 1, and when tunnel 1 is down and tunnel 2 is up VPN is formed between link 2. but i dont know how to do it, see following config
tunnel 1 (Wimax) destination is lets say 1.1.1.1
tunnel 2 (DSL) destination is 2.2.2.2
crypto map mymap 10 ipsec-isakmp
mat address 101
set peer 1.1.1.1
set peer 2.2.2.2
set transform-set sample
Now you can see the issue, crypto map doesnt care which tunnel my traffic is going through, it will make peer with 1.1.1.1 and thats all !!!, i want it to make vpn tunnel with both the peers that is 1.1.1.1 and 2.2.2.2, how can i do it ??? if this is not possible then suggest me what else to do, i know its a very common scenario there should be some solution to it,
Kindly help me out in this
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:20 ARST