Security-Context and Site-to-Site VPN

Unanswered Question
Aug 12th, 2008
User Badges:

I've configured multiple security contexts with asa 5550. Now I want to use for one context an IPSEC-Tunnel over the internet to connect a remote-site.(VPN Site-to-Site)


Is it possible to use overlapping IP-Ranges and can I locial seperate the VPN's ? I need the same functionality as VRF-Lite/IPSEC with an IOS Router.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Daniel Voicu Tue, 08/12/2008 - 05:24
User Badges:
  • Silver, 250 points or more

Hi,


You might want to have a look on the documentation again.

If you configure multicontext, you cannot use ISPEC or SSL anymore, along with some other features:


Unsupported Features


Multiple context mode does not support the following features:


•Dynamic routing protocols


Security contexts support only static routes. You cannot enable OSPF, RIP, or EIGRP in multiple context mode.


•VPN


•Multicast routing. Multicast bridging is supported.


•Threat Detection


http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html


Please rate if this helped.


Regards,

Daniel



Actions

This Discussion