Cisco Cisco Packet Data Gateway (PDG)
Security Gateway Overview
▀ ASR 9000 VSM IPSec High Availability
▄ SecGW Administration Guide, StarOS Release 18
20
VSM card status data is exchanged between VPN managers on active and standby VSMs via SRP. SA data is also
exchanged via SRP.
exchanged via SRP.
The VPC-VSM System Administration Guide fully describes ICSR configuration procedures.
Chassis-to-Chassis ICSR Redundancy
SecGW HA supports hot standby redundancy between two VSMs in different ASR 9000 chassis. The Standby VSM is
ready to become active once a switchover is triggered. SA re-negotiation is not required and traffic loss is minimal.
ready to become active once a switchover is triggered. SA re-negotiation is not required and traffic loss is minimal.
For additional information, see the Reverse Route Injection (RRI) chapter.
HA Configuration
HA employs ConnectedApps (CA) communication between the client running on the wsg-service VM and IOS-XR
running on the ASR 9000.
running on the ASR 9000.
StarOS connectedapps commands configure the CA client parameters, including those associated with HA mode. For
additional information, refer to the oneP Communication chapter.
additional information, refer to the oneP Communication chapter.