ASA Failover-VPN Issues

Unanswered Question
Oct 28th, 2008

Our ASA5510's recently failed over, and now I have a handful of VPN clients that can connect, but not route anywhere in our network. I'm not sure the configs have been properly synced, but I do not know how to confirm.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
darrenj Tue, 10/28/2008 - 16:06

Silly question, but do the routes from your 'internal' network to the remote VPN clients point to the old 'failed' ASA or to the new ASA? Try checking this first :-)



jgorman1977 Tue, 10/28/2008 - 16:39


They point to the virtual ip address, so that doesn't change on failover. It's only happened to half a dozen people or so. They can connect, but when I monitor the traffic, nothing is being passed. Very strange.



This Discussion