cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
328
Views
0
Helpful
4
Replies

ASA redundant L2L tunnels

romannovak
Level 1
Level 1

Hello.

I have situatation with ASA 5505 on remote office and ASA 5510 on central location. There is L2L tunnel between them.

Now the remote office is getting second ISP. I established L2L tunnel over second ISP.

The problem is that on remote office ACL for tunnels are practicly the same (it is still the same local network on remote office and the same server network on the central location).

How to solve this problem

-on remote location - when both ISP are up, how will ASA "know" into which tunnel to send traffic for central location?

-on central location - the same question, how it will know which tunnel to location will use?

Thanks for answering,

C.

4 Replies 4

romannovak
Level 1
Level 1

Can this be solved with any other mean than using GRE over Ipsec (terminating on router behind ASA's on central and remote location?

C.

anyone?

And another question: is terminating GRE tunnel supported on FWSM?

You could use the example above on the remote end.

Then, on the central side you could define 2 peers

crypto map outside_map 1 set peer 1.1.1.1 2.2.2.2

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: