IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.
1 post • Page 1 of 1
Hello, I have some doubts about the VRRP process in VPN concentrators. 1 The Group Shared Address public and private) its the same than the Real Ip Addresses of the Master, correct?For example, if I have configured like this:Master: public(10.10.10.1); private (18.104.22.168)Backup: public(10.10.10.2); private (22.214.171.124) The group shared address should be: public(10.10.10.1) and private(126.96.36.199), correct? 2) If I have already a VPN concentrator configured and I want to had another one for redundancy, and I mantain the same IP address than before for the master, I dont need to change nothing in the neighbours of the VPN concentrator, right? 3) If the Master goes down, the backup will take over the VPN connections, the users will still use the same IP address than before to connect by VPN. However if I want to access to the administration of the backup I should still access to the 188.8.131.52 correct? Thank you. Best regards, Norberto
Yes, you are absolutely correct with all your 3 statements. With your second question, if you would like to add another VPN Concentrator for redundancy, you can actually use the configuration of the other VPN Concentrator, and just change the ip address that you assign to the private and public interfaces so its unique. All that needs to be the same is the group shared addresses, and also the role as a slave instead of master. Here is more information on VRRP for your reference:http://www.cisco.com/en/US/products/hw/ ... 4490.shtml Hope that helps.