I'm migrating a number of remote sites from one ASA onto a new ASA. The site-to-site vpn is made up from ISRs terminating IPSEC on ASA.
I can bring up two VPNs separately from the ISR, terminating one on each ASAs, but how can I force traffic down the new IPSEC session whilst staying in control at all times?. There is no routing protocol and i know about using reload in command ; )
UKTN-RTR-TEST01#scik IPv4 Crypto ISAKMP SA dst src state conn-id status 18.104.22.168 22.214.171.124 QM_IDLE 1036 ACTIVE 126.96.36.199 188.8.131.52 QM_IDLE 1035 ACTIVE
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...