Failover ASA pair to failover ASA pair - problem accessing remote standby

Unanswered Question
Feb 1st, 2009
User Badges:

<p>I have a L2L VPN that goes from the head end of a ASA failover pair to a remote ASA failover pair. There is nothing wrong with the VPN tunnel or access to any of the network EXCEPT the standby ASA on the remote side.</p>

<p>I am trying to access the remote standby device going over the tunnel (and so is tacacs/ciscoworks/ehealth etc). I believe the packets are getting to that firewall just fine, but when it tries to route back home it sends the packet out the outside interface, because the primary has a tunnel established on the outside interface. This is when the packet just dies and gets lost.</p>

<p>How can I get the standby ASA to use the active ASA's vpn tunnel when sending packets destined for something on the other side of that tunnel? There has to be a magic cisco command that does this correct?</p>

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
RicheeJJJ_2 Thu, 02/05/2009 - 15:09
User Badges:

I'm not sure if people don't have enough information to help me or if there truly is no solution to this.


This Discussion