cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
439
Views
0
Helpful
1
Replies

Remote Access VPN Failover

shijomon scaria
Level 1
Level 1

Hi,

I have two interenet connetions terminating on my ASA5510 and ISP failover there. Remote access VPN is configured on the device. Normally users are dialing to my primary IP address from the remote end using the VPN client software and if the primary is not available diling to the secondary IP address. My question is can i replace the two dialers in the vpn client software with a single one. That means with out bothering on which connection is available a user can connect to the network using a single dialer. Expecting replies

Thank you,

Shijo.

1 Reply 1

Hi,

That is possible only by dialing with domain name to the ASA

I have configured  and make it success to one customer like what you are expecting..Need to register one domain name like vpn.cisco.com, then you need to assign both your primary ISP IP address with the pointer value of 5 and secondary ISP IP address with the pointer value of 10 in public DNS server.

In normal scenario , the people used to dial with domain name to connect VPN, since your primary link is up the primary ISP IP adderss will be resolved by public DNS server, and the user can connect with Primary IP address.

If your Primary ISP link is down, that time primary ISP IP address will not be resolved by DNS server and the DNS server will resolve secondary ISP IP address.Then the users can connect the VPN with secondary ISP IP address.there will be no service impact to the users.

Regards

Karuppu

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: