I'm only lightly familiar with the ASA, so I don't know if this is even possible. Here's what we'd like to do:
We have some mobile laptops with Sprint cards as well as wifi cards. These laptops would have a Cisco VPN client installed. We want them to be able to use the VPN when their in Sprint coverage areas, but they also need to be able to use it when they pull into certain wifi hotspots we have created for them throughout our city.
Their IP address will change when the switch networks, so I'm sure that would break the VPN. One option is to have the user disconnect and reconnect every time they move in and out of these zones, but we'd rather find a way for it to happen dynamically. These are emergency service workers and they have enough on their minds without having to deal with our VPN issues. We want to make it transparent to them, if possible.
Is there a way to make the tunnel dynamically reconnect every time the laptop grabs a new IP address?
That looks like it might be exactly what we're looking for. These laptops would be in one of two possible networks. We could put both of those networks in the client config.
This is still fraught with peril because the laptop will detect two available networks when it is in wifi range. The Sprint card will still be active at that point, so we need to find a way to force the VPN to use the wifi link if it's available.
This is all kind of tricky. We're trying to replace an old, slow and complicated system with a fresher approach.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :