
Two separate L2L tunnels between same two ASA

I have a large MPLS fully meshed network with two main locations, both of which have an ASA with internet access as well as the MPLS access.  I need to be able to provide a backup connection between the two main locations in the event one of the MPLS links to one or the other goes down.

I am considering using an L2L IPSEC tunnel between the two ASAs, but the interesting traffic for the tunnel is different depending on which of the links is down, and therefore I would need two different tunnels.  I have my servers and remote desktop servers at one of the main sites and the other main site has another organization attached to it externally that the servers must be able to access.

Is there a way of creating two separate L2L tunnels between the two ASAs?  Could I perhaps assign two public IP addresses to each of the ASAs and then create the tunnels between different endpoints on each ASA?

Does anyone have another possible solution to the problem? 



Two separate L2L tunnels between same two ASA

You should be able to do what you want using IP SLA. Please see this excellent blog post which documents one way to accomplish it.

Hope this helps.
