I am configuring two Cisco ASAs for site-to-site VPN using two load balancers. The load balancers will perform a failover should one of the lines fail. Say, for example, in normal conditions, the VPN tunnel will be created along the 'red' line (see picture) to the remote host. If one site's Internet line fails (say Site A's red link), the tunnel from Site A should go by the blue link to Site B's red link (if Site B's Internet line is perfectly fine).
For both remote sites, I want to connect each peer by using a hostname (e.g. vpn.sitea.com). Also, for both sites, I am not sure how to add security associations so that each firewall can accept the different IP addresses of each other's multiple links.
Below, I have created a script for site-to-site VPN.
We have configured the outside and inside interfaces with official IPv6 addresses and set a default route on the outside interface to our router. We have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...