2 VPN interfaces on the same device

Unanswered Question
Oct 10th, 2008
User Badges:

Hi all,


I have a bit of a dilemma. We have an ASA 5510 which we currently have some L2L and remote access VPN connections on.We brought in a higher speed line to terminate our VPN on and I need start moving VPN connections to the new interface. I overlooked one issue the default route, it won't follow the same interface it connects to back out. Can I have 2 default routes so that is sends out both interfaces? I know this is a stretch, but I am hoping someone has a solution for this.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
singhsaju Fri, 10/10/2008 - 11:48
User Badges:
  • Silver, 250 points or more

Hi,


You can create specific routes for VPN peers (moved to new interface) pointing towards the new interface. Keep the default route as it is .


route VPN Peer ip 255.255.255.255 XXX.XXX.XXX.XXX 1


I do not think two default routes would work.


HTH

Saju

Pls rate helpful posts

svanguilder Fri, 10/10/2008 - 12:55
User Badges:

I did that with a test connection and it did work. The L2L connections are the easy ones, it is the client based ones that are going to be an issue as there are a lot of them and trying to do a static route individually will be an monstrous task.


Anyone know much about policy based routing? Can I setup a routing policy that allows routing back out the originating interface? That would make life much easier.

Actions

This Discussion