It appears this has been brought up before, but it was never resolved.
Currently I have an ASA 5510 connected to our distribution layer using an IP address in a subnet protected with HSRP. If one of the two dist layer devices go down, the firewall is protected and the IP address doesn't change.
Because of stability and bandwidth requirements, the firewall is being upgraded to a 5520 and connected directly to our cores using EIGRP to route and load balance traffic. I cannot create a loopback address and will need to bind the VPN connections to one of the two point to points with the cores.
If that core router were to go down for some reason, albeit be maintenance or software/hardware issue, the VPN will also go down.
Is there anyway to create a loopback address or use the redundant interface command to create such a link?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...