Re: [OSL | CCIE_Security] IPSec with SSO

[Brandon Carroll]

Tyson is correct.  I was thinking of Stateful Failover minus the IPSec part. ipc zone default association 1  no shutdown  protocol sctp local-port 55001  local-ip 9.9.156.6 remote-port 50001  remote-ip 9.9.156.11 http://www.cisco.com/en/US/docs/ios/sec_data_plane/configuration/guide/sec_fwall_state_fov.html#wp1167791 I did in fact forget about the requirements: The Cisco Integrated Services Routers (ISRs) and the VPN modules that support stateful failover for IPsec are as follows: –The AIM-VPN/BPII-PLUS and AIM-VPN/SSL-1 hardware encryption modules are supported in a Cisco 1841 router. –The AIM-VPN/EPII-Plus and AIM-VPN/SSL-2 hardware encryption modules are supported in Cisco 2801, 2811, 2821 and 2851 routers. –The AIM-VPN/EPII+ and AIM-VPN/SSL-3 hardware encryption modules are supported in a Cisco 3825 router. –The AIM-VPN/HPII+ and AIM-VPN/SSL3 hardware encryption modules are supported in a Cisco 3845 router. –The VPN Acceleration Module (VAM) and VAM2 hardware encryption modules are supported in a Cisco 7200 series router. Found here: http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_failover_ipsec_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1043332 Regards, Brandon Carroll - CCIE #23837 Senior Technical Instructor - IPexpert Mailto: bcarr...@ipexpert.com Telephone: +1.810.326.1444 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com On Apr 6, 2010, at 8:23 AM, Tyson Scott wrote: You must have an AIM-VPN module installed to do testing with SSO.   Regards,   Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: tsc...@ipexpert.com Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130   IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website atwww.ipexpert.com   From: ccie_security-boun...@onlinestudylist.com [mailto:ccie_security-boun...@onlinestudylist.com] On Behalf Of Kingsley Charles Sent: Tuesday, April 06, 2010 7:17 AM To: ccie_security@onlinestudylist.com Subject: [OSL | CCIE_Security] IPSec with SSO   Hi all   I am trying to configure IPSec with SSO.     router1#show redundancy states        my state = 13 -ACTIVE      peer state = 1  -DISABLED            Mode = Simplex         Unit ID = 0     Can someone please let me know the reasons, why the peer state is disabled.       With regards Kings _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com