10-04-2010 05:40 AM - edited 03-11-2019 11:49 AM
Howdy, I'm looking to find out if it is possible to build an IPSec tunnel on a multi-security context ASA5520? If not, what are the alternate solutions to build tunnels between sites on a multi-context ASA? Thanks in advance for any info.
Solved! Go to Solution.
10-04-2010 05:49 AM
Hi,
Unfortunately, ASA in mulitlpe mode does not support VPN:
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html#wp1116132
What exactly is your requirement? We can then maybe think of alternatives. One would be to have another device in front of this ASA to terminate the VPN.
Regards,
Prapanch
10-04-2010 05:50 AM
Hi Robert,
The Multi Context mode in the ASA does not support VPN. For a workaround you might have to tunnel on devices other than the Multi Context ASAs. Here is the official doc from CISCO side http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html#wp1116132
Regards,
Namit
10-04-2010 05:50 AM
Robert,
When you use multiple security contexts on the ASA it disables all VPN functionality as described here:
http://www.cisco.com/en/US/customer/docs/security/asa/asa83/asdm63/configuration_guide/contexts.html
If you need multiple contexts there is not going to be a way for you to terminate your VPN connection at the ASA. What other switching & routing gear do you have on-site? You might be able to take advantage of IOS VPN functionality of these devices.
10-04-2010 05:49 AM
Hi,
Unfortunately, ASA in mulitlpe mode does not support VPN:
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html#wp1116132
What exactly is your requirement? We can then maybe think of alternatives. One would be to have another device in front of this ASA to terminate the VPN.
Regards,
Prapanch
10-04-2010 05:50 AM
Hi Robert,
The Multi Context mode in the ASA does not support VPN. For a workaround you might have to tunnel on devices other than the Multi Context ASAs. Here is the official doc from CISCO side http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html#wp1116132
Regards,
Namit
10-04-2010 05:50 AM
Robert,
When you use multiple security contexts on the ASA it disables all VPN functionality as described here:
http://www.cisco.com/en/US/customer/docs/security/asa/asa83/asdm63/configuration_guide/contexts.html
If you need multiple contexts there is not going to be a way for you to terminate your VPN connection at the ASA. What other switching & routing gear do you have on-site? You might be able to take advantage of IOS VPN functionality of these devices.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide