Unanswered Question
Jan 27th, 2009
User Badges:

I have an application with three ASA 5505's. I have attached a diagram.

The application is currently one single network with one ASA connecting the network to the internet and allowing VPN client access into the network.

The network is expanded with two long distance wireless bridges that connect at a speed much higher than affordable internet connections.

We are attempting to install two additional ASA's to create a VPN tunnel from ASA(a) to ASA(b) to ASA(c). The purpose of the tunnel is to create a failover route to back-up the wireless bridge.

We want traffic to follow the wireless bridge out to ASA(a) from ASA b&c unless the wireless link fails in which case we want it to fail over to a second port on the same ASA to connect to ASA(a) through the VPN tunnel through the internet provider.

See the attached diagram.

Is it possible to do this with the ASA 5505's? The original consulting company recommended the 5505, now another networking company says the 5505 is not capable of this failover.

If the 5505 is capable of this, can we do it with one 5505 in each of the three locations, or do we need to connect two at each location?

Should a different product have been recommended for this application?

Please help, and thank you in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ebreniz Mon, 02/02/2009 - 16:10
User Badges:
  • Silver, 250 points or more

It's a known error: bug CSCsi05805 - FAILOVER - No check for use of back-up interface.


This Discussion