ASA Failover-VPN Issues

Unanswered Question
Oct 28th, 2008
User Badges:

Our ASA5510's recently failed over, and now I have a handful of VPN clients that can connect, but not route anywhere in our network. I'm not sure the configs have been properly synced, but I do not know how to confirm.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
darrenj Tue, 10/28/2008 - 16:06
User Badges:

Silly question, but do the routes from your 'internal' network to the remote VPN clients point to the old 'failed' ASA or to the new ASA? Try checking this first :-)



jgorman1977 Tue, 10/28/2008 - 16:39
User Badges:


They point to the virtual ip address, so that doesn't change on failover. It's only happened to half a dozen people or so. They can connect, but when I monitor the traffic, nothing is being passed. Very strange.



This Discussion