I have a remote VPN location that I'm trying to provide a redundant connectivity solution for, here's my scenario:
Tampa has 2 separate ISP connections terminating into an ASA 5505. Philadelphia has a high speed connection terminating into an ASA 5520 cluster. I have successfully configured the backup route as described in "ASA/PIX 7.x Redundant or Backup ISP Links Configuration Example" to allow access to the secondary route when the primary fails. When this happens, I can get out to the Internet but I can't get the IPSEC traffic working over the secondary link.
My question is this: Can the ASA 5505 have 2 seperate IKE and IPSEC sessions to the ASA at the headend? If so, how is this configured?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...