ASA vpn with different public ip addresses

Answered Question

Hi Everyone. I can't found anyone who can give me a "for sure" reply about this thing. I wish to link via vpn 2 ASA5505, called A and B. inside a we have net 10.0.0.0/24 and inside b we have net 10.0.1.0/24. now we can have 2 outside ip addresses for A (say 215.18.18.10 and 222.26.12.12) because we have 2 providers to connect to the internet. can the asa keep up 2 vpns - with same cryptomap for the inside destination) so that if the first one falls it can switch to the other vpn by itself?

can this thing be done with other cisco appliances (such as a 2800 series router?

thanks a lot

I have this problem too.
0 votes
Correct Answer by acomiskey about 9 years 8 months ago

Which are you looking to do

1. If connection to B fails then A will use secondary WAN connection to try to bring up the tunnel.

I would use the Backup ISP function for this.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

2. If connection to A fails then B will attempt to bring up the tunnel using secondary peer address.

You can define multiple peers by using crypto maps to provide redundancy

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080450b73.html#wp1042941

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
acomiskey Mon, 05/21/2007 - 06:49

Which are you looking to do

1. If connection to B fails then A will use secondary WAN connection to try to bring up the tunnel.

I would use the Backup ISP function for this.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

2. If connection to A fails then B will attempt to bring up the tunnel using secondary peer address.

You can define multiple peers by using crypto maps to provide redundancy

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080450b73.html#wp1042941

Actions

This Discussion