Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Dual ISP - VPN config solution required

Hello All,

 

I stuck in a situation. We have two ISPs say ISP1 and ISP2 who provided us with LAN public IP pools LAN1 & LAN2 respectively. Both ISPs landing on a router

I want to configure ipsec tunnel with our remote office on ASA behind router. Issue: If I configure IPSEC tunnel using LAN1 and if ISP1 goes down, tunnel went down as LAN1 pool is not routed through ISP2, same happens while configuring tunnel using LAN2.

I tried to configure VPN tunnel on router using both the LAN1 & 2 with ip sla on routing. HOwever it didnt worked as Tunnel went in hung state while failover and also ASA purchase went useless.

One solution that I think of is to purchase self public ip pool and get that advertised through both the ISPs, but procuring a public pool includes cost and we also not going to use pool to its maximum.

Please advise,if it is possible to have VPN tunnels configured on ASA with two different ISPs IP and have proper failover of traffic through tunnel when any of the ISP fails.

My mind says:

LAN1 - IPSEC tunnel ---->> remote ASA

LAN2-IPSEC tunnel ---->> remote ASA

Both tunnel should remain up but in primary - secondary mode. as well with ASA failover.

 

Appreciate help. Thanks in Advance

Manu Garg

Everyone's tags (1)
83
Views
0
Helpful
0
Replies
CreatePlease to create content