I have got a new request to build a new VPN with automatic redundancy using dual ISP, I have created the IPSec VPN using dual ISP and I have defined multiple peers using crypto map to provide redundancy, although Cisco confirmed that configuration is useful for site to site VPNs as the redundant tunnel comes up "active" when the main tunnel fails the solution didn't work properly because the adaptive security appliance cycle couldn't back to the first peer when all peers associated with the crypto map have failed.
Is there any additional configurations can be added to let the ASA back to the first peer when the 1st link comes up?
Main question, is this a Backup or Cluster for load balancing on Remote access VPNs? If you have it as a backup only with SLA monitoring, the tunnel should come up on the primary link as soon as it is active. If it is clustering, both are going to be active at the same time (in case that you are using the VPN server functionality on the ASA) .
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...