VPN Redundancy with HSRP on WAN

Home Forums Networking Cisco Routers & Switches How-to VPN Redundancy with HSRP on WAN

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    cfut
    Member
    #161292

    I’m wondering if someone here might be able to help with this config.
    I have a Headquarters and a single remote site. The remote site has two ISP’s and two routers running in an HSRP group on the LAN and WAN side.

    I’m having trouble adding VPN between the sites. I can add the second peer to the crypto map at the headquarters but when I try to add it to the remote site I get an error. It basically won’t allow me to tie the crypto map to two different HSRP groups. Error says: “Crypto Map already applied with another redundancy name”

    Here’s a similiar config (but without dual routers/HSRP groups)
    https://supportforums.cisco.com/community/netpro/security/vpn/blog/2011/04/25/ipsec-vpn-redundancy-failover-over-redundant-isp-links”

    see the attached pic and config below

    CONFIGS

    R1

    crypto map HQT-VPN
    set peer 3.3.3.3

    routing to peer 3.3.3.3 done using ipsla and weighted static routes

    fa0/0
    ip address 1.1.1.1 255.255.255.248
    standby 1 ip 1.1.1.3
    standby 1 preempt
    standby 1 priority 145
    standby 1 name WANHSRP
    crypto map HQT-VPN redundancy WANHSRP

    fa0/1
    ip address 2.2.2.1 255.255.255.248
    standby 2 ip 2.2.2.3
    standby 2 preempt
    standby 2 priority 145
    standby 2 name WANHSRP2
    {crypto map HQT-VPN redundancy WANHSRP2}
    {error says: Crypto Map already applied with another redundancy name}


    R2

    crypto map HQT-VPN
    set peer 3.3.3.3

    fa0/0
    ip address 1.1.1.2 255.255.255.248
    standby 1 ip 1.1.1.3
    standby 1 preempt
    standby 1 priority 145
    standby 1 name WANHSRP
    crypto map HQT-VPN redundancy WANHSRP

    fa0/1
    ip address 2.2.2.2 255.255.255.248
    standby 2 ip 2.2.2.3
    standby 2 preempt
    standby 2 priority 145
    standby 2 name WANHSRP2
    {crypto map HQT-VPN redundancy WANHSRP2}
    {error says: Crypto Map already applied with another redundancy name}

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.