I think I lost my mind over this.
I have 2 ASAs, one at a remote site (ASA5505) and one at our datacenter (ASA5520). The remote site has 2
internet connections: primary is T1 and backup is DSL. All I want to do is this: when the T1 fails,
the VPN tunnel between the Remote ASA and Datacenter ASA should move to the DSL link.
What I thought I had to do was, on the Datacenter, create 2 tunnel groups and 2 new policies for the remote office.
Well, nope, it's not working. I have had a TAC case open for 6 weeks and even they don't know! Arrrr! Sorry, now that's out.
Remote Site on DSL (18.104.22.168) -------------Datacenter (22.214.171.124) Cry Map Policy 170 -> ACL outside_cryptomap_170 -> peer 126.96.36.199 -> Remote Net 192.168.1.0/24
Remote Site on T1 (188.8.131.52) (184.108.40.206) Cry Map Policy 160 -> ACL outside_cryptomap_160 -> peer 220.127.116.11 -> Remote Net 192.168.1.0/24
I think it's because the network lists overlap, so how do I get this to work? I can't be the only one who has a config like this, or am I?