Cisco VPN 3002 Reference Manual page 64

Hardware client

Hide thumbs Also See for VPN 3002:

User manual (220 pages)

Quick start manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

Table of Contents

Configuration | System | Tunneling Protocols | IPSec

Note

If you are using hostnames, it is wise to have backup DNS and WINS servers on a separate network

from that of the primary DNS and WINS servers. Otherwise, if clients behind the VPN 3002 obtain

DNS and WINS information from the VPN 3002 through DHCP, and the connection to the primary

server is lost, and the backup servers have different DNS and WINS information, clients cannot be

updated until the DHCP lease expires.

About Backup Servers

IPSec backup servers let a VPN 3002 connect to the central site when its primary central-site VPN

Concentrator is unavailable. You configure backup servers for a VPN 3002 either on the VPN 3002, or

on a group basis at the central-site VPN Concentrator. If you configure backup servers on the primary

central-site VPN Concentrator, that VPN Concentrator pushes the backup server policy to the VPN 3002

hardware clients in the group. By default, the policy is to use the backup server list configured on the

VPN 3002. Alternatively, the VPN Concentrator can push a policy that supplies a list of backup servers

in order of priority, replacing the backup server list on the VPN 3002 if one is configured. It can also

disable the feature and clear the backup server list on the VPN 3002 if one is configured.

Figure 6-3

San Jose

VPN 3080

Concentrator

XYZ corporation has large sites in three cities: San Jose, California; Austin, Texas; and Boston,

Massachusetts. They just opened a regional sales office in Fargo, North Dakota. To provide access to the

corporate network from Fargo, they use a VPN 3002 that connects to a VPN 3080 in San Jose (1). If the

VPN 3002 is unable to contact the corporate network, Fargo cannot place orders. The IPSec backup

server feature lets the VPN 3002 connect to one of several sites, in this case using Austin (2) and Boston

(3) as backup servers, in that order.

VPN 3002 Hardware Client Reference

6-4

illustrates how the backup server feature works.

Backup Server Implementation

VPN 3002

Hardware Client

VPN 3000

Concentrator

Fargo

Austin

Chapter 6

Boston

VPN 3000

Concentrator

Tunneling

OL-1893-01

Table of Contents

Cisco VPN 3002 Reference Manual page 64

Related Manuals for Cisco VPN 3002

Related Products for Cisco VPN 3002

Table of Contents