Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > how HSRP redundancy can be applied to crypto IPSec profile ?

Thread Tools

how HSRP redundancy can be applied to crypto IPSec profile ?

He Ming
Posts: n/a
Hi all, I am setting up a VPN tunnel between hub and spoke routers.
In the hub, I use an active router and a standby router to achieve
redundancy. From cisco website, HSRP + RRI has been provided in this
scenario, where HSRP is configured on WAN interface. the configuation is
as follows:

crypto map mymap 1 ipsec-isakmp
set peer
set transform-set esp-3des-sha
match address 102

Interface FastEthernet 0/0
ip address
standby name group1
standby ip
crypto map mymap redundancy group1

but my problem here is, I am using crypto IPsec profile instead of static
map on the hub.consequently there is no map name, so i can 't use the
"crypto map mymap redundancy group1" on wan interface.
my configuration for the crypto ipsec profile is like that:

crypto isakmp policy 1
authentication pre-share
crypto isakmp key dmvpnkey address
crypto ipsec transform-set dmvpnset ah-md5-hmac esp-des
mode transport
crypto ipsec profile dmvpnprof
set transform-set dmvpnset

Because of the requirement, I cant replace the dynamic profile with static
map in hub.
SO i am now looking for a way to implement HSRP resundancy for IPsec
profile. Can anyone
give any solution or some hints? Millions of Thanks!

He Ming

Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
hsrp redundancy on catalyst 3750x to router spinnekop Cisco 0 01-19-2012 03:18 PM
Campus Design Problem - Redundancy, HSRP, STP, VLANs... Cisco 2 09-18-2007 01:42 PM
Crypto map applied on loopback interface Sebastian Cisco 0 04-15-2005 10:42 PM
Redundancy concept help with BGP/IBGP and HSRP Blackjack Cisco 2 09-28-2004 04:24 PM
Counters under "show crypto ipsec sa detail" Rod Cisco 0 05-02-2004 02:40 PM