I am looking to see if this is possible, not config details yet, with the hardware I have now.
I have at the main office 2 T1 connections and a ASA5510 with security+ lic and 6 remote offices with 1 broadband connection and a ASA5505 each. I have no routers in my network. At the moment I have VPN tunnels setup between the remote office and the Main office through one of the T1. If I setup a 2nd VPN tunnel on each ASA5505 to the other T1 at the main office, can the ASA5505 switch to the 2nd t1 if I have a failure on the 1st T1. Thanks
Thanks for that link. Let me rephrase my question now.
On my ASA 5510 I have 6 site-to-site VPN connections. If I now setup the "Redundant or Backup ISP link"
Do I also attach my ACL's and cryto maps to the backup interface? Also if the ASA5510 does switch over to the Backup link how do I get the 6 ASA5505's at the other end of VPN tunnels to now open VPN tunnels to the Backup ISP link.
I have not come up with a solution using the ASA 5505. But I am looking at failover DNS were you pay for a service that checks a public IP if it gets no response it redirects the associated DNS name to the backup public IP address.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...