Hi,
I need some help regarding the best way forward for creating a site to site vpn link that has failover redundancy.
Currently I have 2 sites that both have 2 ADSL lines installed, the routers at both ends are simple ADSL to ethernet routers with no special failover functions. I am planning to install at each site 2 ASA5505 with security plus bundle firewalls, and configure them such that if one of the adsl lines at either site fails the vpn tunnel will automatically failover to the other route.
Alternatively, can I achieve a similar level of fault tolerance using just 1 ASA firewall at either end of the 2 adls lines. I understand that this would make either firewall a single point of failure but still provide redundancy of the adsl links which are generally more prone to faults than the firewalls. if it can be done using just 1 ASA at each site, is the ASA 5505 capable or would I need to jump up to an ASA 5510?
What is the difference between the Stateless A/S of the 5505 and the A/A A/S high availability of the 5510?
Hope somebody can help me with this,
Regards
John.