I was wondering is it possible to create a backup for my site to site VPN connection? the remote end has a cisco Router whiich currently has a VPN connection to an ASA 5500. How would I know configure the same router to use another VPN on a different ASA 5500 should the ASA 5500 not work? Will simply putting adding another Peer address on the ISAKMP policy do or do I need to create a new crypto map or is it simply not possible?
You can do this by adding another crypto map on your router. The crypto map name should be the same as the one existing in your configuration but you will need to change the number on that crypto map. This is because you can only apply one crypto map on your interface.
Your crypto map configuration should look like this:
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...