Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
495
Views
0
Helpful
3
Replies

what type of vpn connection is allowed on the multimode firewall?

Go to solution
hanyawad
Level 1
Level 1

‎05-31-2010 06:16 AM - edited ‎03-11-2019 10:52 AM

dear expers,

hello

i have two physical firewall and i've created active/active failover on them. so i'd like to know what type of vpn connection i can creat on

those firewalls to administer them remotely.

thaks for your quick responde

makar

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎05-31-2010 06:32 AM

VPN is not supported at all for ASA in multi context mode which is what Active/Active failover required.

Here is the URL for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/contexts.html#wp1146747

VPN to administer the ASA is supported in transparent firewall, but not in multi context (Active/Active failover). Here is the URL for VPN termination on transparent ASA to administer the firewall:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/fwmode.html#wp1222826

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎05-31-2010 06:31 AM

Hi,

I believe you can create either IPsec or SSL VPN to administer the ASA remotely.

Since the ASAs are in multiple context, the VPN is only for administration purposes since in multiple context the ASA cannot act as a regular VPN termination point. But for administration, I believe you can do both.

Federico.

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎05-31-2010 06:32 AM

VPN is not supported at all for ASA in multi context mode which is what Active/Active failover required.

Here is the URL for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/contexts.html#wp1146747

VPN to administer the ASA is supported in transparent firewall, but not in multi context (Active/Active failover). Here is the URL for VPN termination on transparent ASA to administer the firewall:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/fwmode.html#wp1222826

0 Helpful

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to Jennifer Halim

‎05-31-2010 06:43 AM

I stand corrected! No VPN support on multiple-context mode (only on transparent mode).

Thank you halijeen.

Federico.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card