Hi Ben,
Software client will not reconnect automatically. You must manually click to
connect again.
HW client has a mode called ‘auto’ so that it continously tries to reconnect.
Regards,
Piotr
From: Ben Shaw
Sent: Saturday, May 05, 2012 4:09 PM
To: [email protected]
Subject: [OSL | CCIE_Security] IOS IPSec HA with HSRP and RRI
Hi All
I am labbing up a couple of 1800s to use in a stateless HA pair for IPSec/Easy
VPN. At the moment I am using crypto maps.
Targeting the HSRP address of the 1800s, my 871 Easy VPN client detects when
the tunnel goes down as a result of the HSRP VIP changing to the secondary 1800
when an interface fails on the primary 1800. When the interface comes back and
preempt causes the HSRP roles to change back, the 871 client again detects the
dead peer and recreates a tunnel to the active 1800.
I am wondering though if this can be done with the IPSec Client? I am
connecting to the same group with the IPSec client and when I failover the HSRP
routers the clients tunnel eventually just times out but it does not
automatically try and reconnect like the 871 does. Should I expect this to
occur or is this automatic reconnection unique to hardware VPN tunnels?
Thanks
Ben
--------------------------------------------------------------------------------
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
