ASA 5500 VPN with failover IPSec tunnel

Unanswered Question
Dec 11th, 2007


can we configure ASA appliance with two IPsec tunnel with same encryption doamin. Something like track a tunnel (like how we used to track an interface in HSRP) and if it fails then switch over to the second IPSec tunnel with encryption domain.

also is this correct - ASA doesnt support BGP either on version 7 or 8 ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
irisrios Tue, 12/18/2007 - 07:02

I have seen instances where failover is possible with Active/ Standby but not on the same ASA. As far as I know , BGP is not supported on ASA . You will need a router in front of ASA.


This Discussion