Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
289
Views
0
Helpful
2
Replies

2 VPN interfaces on the same device

svanguilder
Level 1
Level 1

‎10-10-2008 10:46 AM - edited ‎02-21-2020 03:59 PM

Hi all,

I have a bit of a dilemma. We have an ASA 5510 which we currently have some L2L and remote access VPN connections on.We brought in a higher speed line to terminate our VPN on and I need start moving VPN connections to the new interface. I overlooked one issue the default route, it won't follow the same interface it connects to back out. Can I have 2 default routes so that is sends out both interfaces? I know this is a stretch, but I am hoping someone has a solution for this.

Labels:
0 Helpful
2 Replies 2

singhsaju
Level 4
Level 4

‎10-10-2008 11:48 AM

Hi,

You can create specific routes for VPN peers (moved to new interface) pointing towards the new interface. Keep the default route as it is .

route VPN Peer ip 255.255.255.255 XXX.XXX.XXX.XXX 1

I do not think two default routes would work.

HTH

Saju

Pls rate helpful posts

0 Helpful

svanguilder
Level 1
Level 1
In response to singhsaju

‎10-10-2008 12:55 PM

I did that with a test connection and it did work. The L2L connections are the easy ones, it is the client based ones that are going to be an issue as there are a lot of them and trying to do a static route individually will be an monstrous task.

Anyone know much about policy based routing? Can I setup a routing policy that allows routing back out the originating interface? That would make life much easier.

0 Helpful
Customers Also Viewed These Support Documents