Security-Context and Site-to-Site VPN

Unanswered Question
Aug 12th, 2008

I've configured multiple security contexts with asa 5550. Now I want to use for one context an IPSEC-Tunnel over the internet to connect a remote-site.(VPN Site-to-Site)

Is it possible to use overlapping IP-Ranges and can I locial seperate the VPN's ? I need the same functionality as VRF-Lite/IPSEC with an IOS Router.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Daniel Voicu Tue, 08/12/2008 - 05:24

Hi,

You might want to have a look on the documentation again.

If you configure multicontext, you cannot use ISPEC or SSL anymore, along with some other features:

Unsupported Features

Multiple context mode does not support the following features:

•Dynamic routing protocols

Security contexts support only static routes. You cannot enable OSPF, RIP, or EIGRP in multiple context mode.

•VPN

•Multicast routing. Multicast bridging is supported.

•Threat Detection

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html

Please rate if this helped.

Regards,

Daniel

Actions

This Discussion