Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Remote Access VPN Failover


I have two interenet connetions terminating on my ASA5510 and ISP failover there. Remote access VPN is configured on the device. Normally users are dialing to my primary IP address from the remote end using the VPN client software and if the primary is not available diling to the secondary IP address. My question is can i replace the two dialers in the vpn client software with a single one. That means with out bothering on which connection is available a user can connect to the network using a single dialer. Expecting replies

Thank you,



Re: Remote Access VPN Failover


That is possible only by dialing with domain name to the ASA

I have configured  and make it success to one customer like what you are expecting..Need to register one domain name like, then you need to assign both your primary ISP IP address with the pointer value of 5 and secondary ISP IP address with the pointer value of 10 in public DNS server.

In normal scenario , the people used to dial with domain name to connect VPN, since your primary link is up the primary ISP IP adderss will be resolved by public DNS server, and the user can connect with Primary IP address.

If your Primary ISP link is down, that time primary ISP IP address will not be resolved by DNS server and the DNS server will resolve secondary ISP IP address.Then the users can connect the VPN with secondary ISP IP address.there will be no service impact to the users.