Hello Folks,
Want to confirm a RAP design.
I have RAPs and I want to terminate them in an MD located in DC01. In case of a WAN issue at DC01, the RAPs should terminate in a second MD located in DC02.
I found a useful link, "Backup Managed Device List", which explains how this can be done, and this is what I'm planning to set up:
1- DNS entry with hostname lookup PublicIP for DC01 and PublicIP for DC02
2- RAP will use PublicIP-DC01 to terminate IPsec and get the configuration from MD (located behind a firewall / UDP 4500 forwarded)
3- In case PublicIP-DC01 isn't reachable, the RAP will terminate the IPsec tunnel to PublicIP-DC02 and get configuration from another MD (located behind a firewall / UDP 4500 forwarded)
My question here is: once PublicIP-DC01 becomes reachable, how will the RAP fail back to DC01?