Hi,
My customer has the following topology:
CORPORATE_LAN---ASA1---ROUTER1----WAN-------REMOTEROUTER1-----REMOTE_LAN1
X
CORPORATE_LAN---ASA2---ROUTER2----WAN-------REMOTEROUTER2-----REMOTE_LAN2
The ASA1 has two links, one to ROUTER1 and another one to ROUTER2. Similarly, the ASA2 has also two links, one to R1 and the other one to R2.There are 300 remote LANS. We want to configure IPSEC tunnels between the remote routers (ISR 2800) and the two ASA´s (5580). The customer does not want to configure failover, active-standby on both ASA´s, given that contexts do not support vpn´s. The routing protocol on the WAN is OSPF.
He wants to use both ASA´s at the same time, one as the primary peer and the other one as a backup, should the first ASA fails. So the question is: which is the best way to configure redundancy in this scenario?; LANtoLAN or Easy Vpn?...How do I configure the remote routers with the two ASA as a primary and backup peers?.
I´d appreciate your help