Virtual Private Networks (VPN) IPsec
Digi Connect IT® 4 User Guide
338
1. Configure the primary IPsec tunnel. See Configure an IPsec tunnel for instructions.
n During configuration of the IPsec tunnel, set the metric to a low value (for example, 10):
(config vpn ipsec tunnel IPsecFailoverPrimaryTunnel)> metric 10
(config vpn ipsec tunnel IPsecFailoverPrimaryTunnel)>
n Configure SureLink for the primary IPsec tunnel and enable Restart interface. See
Configure SureLink active recovery for IPsec for instructions.
(config vpn ipsec tunnel IPsecFailoverPrimaryTunnel)> surelink restart
true
(config vpn ipsec tunnel IPsecFailoverPrimaryTunnel)>
2. Create a backup IPsec tunnel. Configure this tunnel to use the same local and remote
endpoints as the primary tunnel. See Configure an IPsec tunnel for instructions.
n During configuration of the IPsec tunnel, set the metric to a value that is higher than
the metric of the primary tunnel (for example, 20):
(config vpn ipsec tunnel IPsecFailoverBackupTunnel)> metric 20
(config vpn ipsec tunnel IPsecFailoverBackupTunnel)>
IPsec failover using Preferred tunnel
Web
1. Configure the primary IPsec tunnel. See Configure an IPsec tunnel for instructions.
2. Create a backup IPsec tunnel. See Configure an IPsec tunnel for instructions.
3. During configuration of the backup IPsec tunnel, identify the primary IPsec tunnel in the
Preferred tunnel parameter:
Command line
1. Configure the primary IPsec tunnel. See Configure an IPsec tunnel for instructions.
2. Create a backup IPsec tunnel. See Configure an IPsec tunnel for instructions.
3. During configuration of the backup IPsec tunnel, identify the primary IPsec tunnel:
a. Use the ? to view a list of available tunnels:
(config vpn ipsec tunnel backup_ipsec_tunnel)> ipsec_failover ?
Preferred tunnel: This tunnel will not start until the preferred tunnel
has failed. It will continue
to operate until the preferred tunnel returns to full operation status.
To Next Page
Loading...
