Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Cisco ASA and Multiple IPSec Tunnels

Hello,

I'm planning to do make some changes on my network and i would like to do the following:

We have two point-to-point links connecting our HQ to a remote site.

One side we have ISR 3925 and the other 5512X

Today we can't fully use both links one is always on backup, what i was planning is to creat an IPSec site-to-site tunnel between the ISR and ASA and then creat a GRE tunnel between them and run EIGRP, but ASA does not support GRE, so i had to start my plans again.

So, now i'm planning to run EIGRP over IPSec with the following scenario:

     Remote subnet | My Router| ---> switch --->  | ISP Router | ----------------------------------------------->  | ISP Router | -----> switch ----> ASA

                                                            IPSec

     Remote subnet | My Router| ---> switch --->  | ISP Router | ----------------------------------------------->  | ISP Router | -----> switch ----> ASA

                                                            IPSec

So in theory i could load balance both links, but i'm not sure if i'm capable of creating two IPSec tunnels to the same destination and run EIGRP or another routing protocol to load balance the traffic.

Do you guys have tried that?

1 REPLY
Hall of Fame Super Gold

Cisco ASA and Multiple IPSec Tunnels

It is not supported to have two IPSec site to site tunnels from the same source machine to the same destination machine.

Would it be feasible to run EIGRP over both links to get some load share? Or perhaps have a default route use one link and then route specific subnets over the other link?

HTH

Rick

206
Views
0
Helpful
1
Replies
CreatePlease to create content