Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Redundant IPSEC Tunnels - ASA 5505 to ASA 5520

I have a remote VPN location that I'm trying to provide a redundant connectivity solution for, here's my scenario:

Tampa has 2 separate ISP connections terminating into an ASA 5505. Philadelphia has a high speed connection terminating into an ASA 5520 cluster. I have successfully configured the backup route as described in "ASA/PIX 7.x Redundant or Backup ISP Links Configuration Example" to allow access to the secondary route when the primary fails. When this happens, I can get out to the Internet but I can't get the IPSEC traffic working over the secondary link.

My question is this: Can the ASA 5505 have 2 seperate IKE and IPSEC sessions to the ASA at the headend? If so, how is this configured?

2 REPLIES
New Member

Re: Redundant IPSEC Tunnels - ASA 5505 to ASA 5520

Maybe this will help. Look at this document.

PIX/ASA 7.x: Simple PIX-to-PIX VPN Tunnel Configuration Example

In it is a section called Backup Site-to-Site Tunnel.

Good luck!

Andy

New Member

Re: Redundant IPSEC Tunnels - ASA 5505 to ASA 5520

Maybe this will help. Look at this document.

PIX/ASA 7.x: Simple PIX-to-PIX VPN Tunnel Configuration Example

In it is a section called Backup Site-to-Site Tunnel.

Good luck!

Andy

1647
Views
0
Helpful
2
Replies