Cisco Support Community
Community Member

Two Redundant VPNs, four internet connections - redundant ISP?


we are looking at implementing a VPN solution with a failover pair of ASA firewalls.  We will have two ISPs, both with two connections for redundancy.  So we'll have ISP1 with two connections - a primary and a backup.  ISP2 will also have two connections of its own.  We will have a total of four internet connections.

I'm wondering if we can set this up on a single ASA.  These are cellular networks and the traffic in ISP1 must stay in ISP1.  The traffic in ISP2 must stay in ISP2.  We will be looking to implement the redundant ISP links for each ISP:

Our VPN will have one crypto map for all the remote hosts on ISP1 and another crypto map for all the hosts on ISP2.  Is it possibe to have the firewall with a redundant ISP setup for ISP1 and a separate redundant ISP setup for ISP2? 

We could setup our routes as the remote endpoints all have a static IP, so we wouldn't have any issues with default routes.

I hope that makes sense - let me know your thoughts and if you have any questions.


CreatePlease to create content