Hello Gentlemen (and possible Ladies)
Does anybody know how to create a backup IPSec tunnel on (HP) H3C equipment? Mostly MSR routers. We need this to migrate from Cisco to H3C with S2S VPN setups.
For reference, cisco uses this (see below) configuration to establish S2S VPN to peers in round-robin fashion and therefore can provide backup peer IPs,. .... any ideas on how to get this to H3C? Crypto map on H3C (ipsec policy refuses to incorporate more than one IP).
crypto map swissport-map 35 ipsec-isakmp
description IPSec tunnel with backup IP
set peer 21.81.54.21 // geographically redundant primary
set peer 21.85.90.27 // geographically redundant backup (H3C equivalent unknown)
set pfs group2
set transform-set set1
match address acl-crypto-list