Tuesday, October 13, 2009

IPSEC Redundancy

Hi Guys,

Straight into it: Did you know that there are some very nice redundancy features for IpSEC? Sure I always kind of realized you could put two routers in a VRRP or HSRP Arrangement, but what if I told you not only could you do this but you could also even get them to exchange state information about the traffic in the IPSEC session?

Or what if your routers are in entirely different subnets? So maybe you have an ipsec router on one ISP and a backup IPSEC router on the other? That is the topic of this blog.

Lets first cover off a very basic redundancy option that might fit the bill for you perfectly:

Just add more than one peer in your set peer command!

No comments:

Post a Comment