VPN tunnels with different metrics on Cisco Pix 515E

Unanswered Question
Oct 17th, 2008

I have an Pix 515E with 6 interfaces.

One of the interfaces has a T-1 router connected to it, and has the public IP x.x.x.x

One of the interfaces has another T-1 router connected to it (from another ISP) and has the public IP y.y.y.y

I have a remote location with a single T-1 and a ASA 5520, the ASA has public IP z.z.z.z

How can I specify 2 VPN tunnels for the same destination networks between the PIX & ASA, so that the VPN tunnel would fail over if one of the T-1s on the Pix decide to fail?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
hadbou Thu, 10/23/2008 - 07:36

I think you can specify 2 vpn tunnels for the same destination network between the PIX and the ASA.PIX firewalls are placed at two different sites. In case of a failure to reach the primary path, it is desirable to kick off the tunnel through a redundant link. IPsec is a combination of open standards that provide data confidentiality, data integrity, and data origin authentication between IPsec peers.


This Discussion