We are planning on bringing up a second site with a public class C, and putting ASAs at each site - at the new site in a failover config, and the previous site as a single unit (not failover or standby). The new site will be primary, and the previous site will be failover. We want to have one IP for users to VPN into, regardless of which site is 'up'. Can ASAs do this? I've enclosed a pic (public IPs replaced) to clarify. Any comments or info is greatly appreciated.