VPN failover

Hi All,

I want to achieve the following scenario.

1- There are two sites. Site A and Site B.

2- Site A is the primary site, whereas Site B is the Backup Site.

3- Both sites are geographically distant from eachother.

4- Remote users connect via VPN to Primary Site.

Incase, if the Primary Site (Site A) goes down, the Backup Site (Site B) takes over and comes alive.



I want to achieve the solution where the VPN users will be directed to the backup site automatically if the primary site goes down. How can I do this?


Thanks.

The easiest way would be to either use the built-in RRAS feature in Windows Server, or you can purchase a device that does this for you (i.e., Sonicwall or Cisco). Then, using the vpn client software, you could create two sites for the clients to connect to. Instruct them that if one is not reachable to try the other. It's not the most seamless solution but it would probably be the easiest.

Thanks..

could you tell which Cisco device will achieve this?

Most Cisco devices support VPN clients. Personally I use a Cisco ASA 5500 series at work (I think it's a 5505). You can always contact a sales rep. AdamPI has a lot of experience with Cisco gear, he could probably recommend something for you. If you're a small shop (i.e., 50 employees or so) you could use an ASA 5505.

Its all dependant on how many connections you want. If its just a small 5 - 10 person shop, and your going to have a max of 3 - 8 users connected, go for either an ASA5505 or a Cisco 8xx router to do it for you (878, I think is the one with the FastEthernet WAN port). Anything bigger than that and its best to shoot for a ASA5510.

If its more than that probably best to contact your local Cisco expert and get some proper design in there.

Daniel