Redundant IPSEC Tunnels - ASA 5505 to ASA 5520

Unanswered Question
Sep 25th, 2007
User Badges:

I have a remote VPN location that I'm trying to provide a redundant connectivity solution for, here's my scenario:

Tampa has 2 separate ISP connections terminating into an ASA 5505. Philadelphia has a high speed connection terminating into an ASA 5520 cluster. I have successfully configured the backup route as described in "ASA/PIX 7.x Redundant or Backup ISP Links Configuration Example" to allow access to the secondary route when the primary fails. When this happens, I can get out to the Internet but I can't get the IPSEC traffic working over the secondary link.

My question is this: Can the ASA 5505 have 2 seperate IKE and IPSEC sessions to the ASA at the headend? If so, how is this configured?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion