08-27-2013 10:16 PM - edited 03-11-2019 07:31 PM
Hi,
I have ASA 5505, want to configure the 2 ISP link Tata and Airtel with failover.
I want to configure the WebVPN with failover, so that user don't need to change the public address when one link goes down.
thanks with regards
Ashish Kumar
08-28-2013 02:32 AM
This won't work because when Failover accurs (e.g. Tata down) you won't be able to reach this IP
Michael
Please rate all helpful posts
08-28-2013 03:48 AM
Hi michael,
First of thanks for reply.
Can we do it by public certificate or DNS entry e.g. both ISP Public ip address entry will be in DNS and user will hit particular DNS name. You r right that once link down so user will disconnect but when he will retry then he will connect via another link.
Is it possible??
Ashish
08-28-2013 03:55 AM
You could try to enable WebVPN on both outside interfaces and do DNS roundrobin, perhaps this works (never tested).
Michael
Please rate all helpful posts
08-28-2013 04:12 AM
can u share any document.
thanks
Ashish
08-28-2013 04:22 AM
In ASDM you can select the interfaces where WebVPN is activated, there you check both outside IF's.
In DNS, when your name is vpn.example.com, you set A records for both public IPs
Michael
Please rate all helpful posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide