Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA Multiple Security Context IPSec Tunnel

Howdy,  I'm looking to find out if it is possible to build an IPSec tunnel on a multi-security context ASA5520?  If not, what are the alternate solutions to build tunnels between sites on a multi-context ASA?  Thanks in advance for any info.

3 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: ASA Multiple Security Context IPSec Tunnel

Hi,

Unfortunately, ASA in mulitlpe mode does not support VPN:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html#wp1116132

What exactly is your requirement? We can then maybe think of alternatives. One would be to have another device in front of this ASA to terminate the VPN.

Regards,

Prapanch

Cisco Employee

Re: ASA Multiple Security Context IPSec Tunnel

Hi Robert,

The Multi Context mode in the ASA does not support VPN. For a workaround you might have to tunnel on devices other than the Multi Context ASAs. Here is the official doc from CISCO side http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html#wp1116132

Regards,

Namit

Re: ASA Multiple Security Context IPSec Tunnel

Robert,

When you use multiple security contexts on the ASA it disables all VPN functionality as described here:

http://www.cisco.com/en/US/customer/docs/security/asa/asa83/asdm63/configuration_guide/contexts.html

If you need multiple contexts there is not going to be a way for you to terminate your VPN connection at the ASA. What other switching & routing gear do you have on-site? You might be able to take advantage of IOS VPN functionality of these devices.

3 REPLIES
Cisco Employee

Re: ASA Multiple Security Context IPSec Tunnel

Hi,

Unfortunately, ASA in mulitlpe mode does not support VPN:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html#wp1116132

What exactly is your requirement? We can then maybe think of alternatives. One would be to have another device in front of this ASA to terminate the VPN.

Regards,

Prapanch

Cisco Employee

Re: ASA Multiple Security Context IPSec Tunnel

Hi Robert,

The Multi Context mode in the ASA does not support VPN. For a workaround you might have to tunnel on devices other than the Multi Context ASAs. Here is the official doc from CISCO side http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html#wp1116132

Regards,

Namit

Re: ASA Multiple Security Context IPSec Tunnel

Robert,

When you use multiple security contexts on the ASA it disables all VPN functionality as described here:

http://www.cisco.com/en/US/customer/docs/security/asa/asa83/asdm63/configuration_guide/contexts.html

If you need multiple contexts there is not going to be a way for you to terminate your VPN connection at the ASA. What other switching & routing gear do you have on-site? You might be able to take advantage of IOS VPN functionality of these devices.

1617
Views
0
Helpful
3
Replies