I?m willing to configure HA for IPSec L2L VPN tunnel on routers 2800 running IOS version 12.4(3a).
I had two identical routers and planning to configure HSRP for HA, I already had multiple VPN tunnels terminated on the outside interface and once I enabled the HSRP on that interface all the VPN sessions terminated and I noticed that the source interface for the VPN session became the actual IP address of the interface NOT the HSRP IP.
It's should work. You can still configure a static source in your cryptomap statement but that would only be a workaround. Can you post your crypto config and the config of your interfaces, I'll have a look.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...