cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
516
Views
0
Helpful
1
Replies

5505 FAILOVER

bestdefense
Level 1
Level 1

I have an application with three ASA 5505's. I have attached a diagram.

The application is currently one single network with one ASA connecting the network to the internet and allowing VPN client access into the network.

The network is expanded with two long distance wireless bridges that connect at a speed much higher than affordable internet connections.

We are attempting to install two additional ASA's to create a VPN tunnel from ASA(a) to ASA(b) to ASA(c). The purpose of the tunnel is to create a failover route to back-up the wireless bridge.

We want traffic to follow the wireless bridge out to ASA(a) from ASA b&c unless the wireless link fails in which case we want it to fail over to a second port on the same ASA to connect to ASA(a) through the VPN tunnel through the internet provider.

See the attached diagram.

Is it possible to do this with the ASA 5505's? The original consulting company recommended the 5505, now another networking company says the 5505 is not capable of this failover.

If the 5505 is capable of this, can we do it with one 5505 in each of the three locations, or do we need to connect two at each location?

Should a different product have been recommended for this application?

Please help, and thank you in advance.

1 Reply 1

ebreniz
Level 6
Level 6

It's a known error: bug CSCsi05805 - FAILOVER - No check for use of back-up interface.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: