I have two ASAs running 7.2.2 each is connected to the Internet via a router with links to two ISPs. Internet access is fine and using object tracking I can get teh routers to swap which ISP they send the traffic to if one ISP fails.
The problem is the L2L ISPEC tunnel between the ASAs. Since the routers do the NAT the outside IP address of the ASAs appears to change dependent on whic ISP is being used.
I have looked at using multiple peers in the crypto map at one end using "the originate" option and the "answer only" option at the other end but that doesnt look viable if both ends change their IP address.
Any ideas ?