1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Hardware
  5. CVPN3002-K9 - Fast Ethernet VPN Gateway
  6. Getting started

Ipsec Backup Servers - Cisco CVPN3002-K9 - Fast Ethernet VPN Gateway Getting Started

Hardware client
Hide thumbs
Table of Contents

Advertisement

Chapter 1
Understanding the VPN 3002 Hardware Client
Individual users authenticate according to the order of authentication servers that you configure for a
group on the VPN Concentrator.
You configure individual user authentication on the VPN Concentrator, which pushes the policy to the
VPN 3002. For more information and configuration instructions, refer to the "User Management"
chapter of the VPN 3000 Series Concentrator Reference Volume 1: Configuration.

IPSec Backup Servers

IPSec backup servers let a VPN 3002 hardware client connect to the central site when its primary
central-site VPN Concentrator is unavailable. You configure backup servers for a VPN 3002 either on
the VPN 3002, or on a group basis at the central-site VPN Concentrator. If you configure backup servers
on the central-site VPN Concentrator, that VPN Concentrator pushes the backup server policy to the
VPN 3002 hardware clients in the group.
Figure 1-1
Figure 1-1
San Jose
VPN 3080
Concentrator
XYZ corporation has large sites in three cities: San Jose, California; Austin, Texas; and Boston,
Massachusetts. They just opened a regional sales office in Fargo, North Dakota. To provide access to the
corporate network from Fargo, they use a VPN 3002 that connects to a VPN 3080 in San Jose (1). If the
VPN 3002 is unable to contact the corporate network, Fargo cannot place orders. The IPSec backup
server feature lets the VPN 3002 connect to one of several sites, in this case using Austin (2) and Boston
(3) as backup servers, in that order.
The VPN 3002 in Fargo first tries to reach San Jose. If the initial IKE packet for that connection (1) times
out (8 seconds), it tries to connect to Austin (2). Should this negotiation also time out, it tries to connect
to Boston (3). These attempts continue until the VPN 3002 has tried all servers on its backup server list,
to a maximum of 10.
OL-2854-01
illustrates how the backup server feature works.
Backup Server Implementation
VPN 3002
Hardware Client
1
2
VPN 3000
Concentrator
Fargo
Austin
VPN 3002 Hardware Client Getting Started
Additional Software Features
Boston
VPN 3000
3
Concentrator
1-7

Advertisement

Table of Contents
loading

Related Manuals for Cisco CVPN3002-K9 - Fast Ethernet VPN Gateway

Related Content for Cisco CVPN3002-K9 - Fast Ethernet VPN Gateway

This manual is also suitable for:

3002

Table of Contents