I have two sites (soon to be three). All have Cisco ASA 5510's with remote access configured and working fine. One site is on the East coast, the other is on the West coast. The third site will be in the Midwest somewhere.
Is there a way to have one hostname (connect.company.com) with multiple IP addresses, and then when a VPN user opens up their Cisco VPN Client and connects to the 1 and only "connection entry" configured, it will determine which router to connect to based on where they are? I can't seem to find out where to look for this.
I have set up two public DNS records, both identical, as connect.company.com. The first record has the WAN IP of the West coast site and the second hostname has the WAN IP of the East coast site. I went to a website that can PING a hostname from multiple countries at once, and the results were about 50/50. Half of the countries returned the East coast's IP, and the other the West coast's IP. Is there something I can employ to accomplish this? My first guess would be RIP but not positive and even if I was correct, where to set up RIP?
Currently, VPN users have multiple connection entries defined in their Cisco VPN Client so if one site goes down, they connect to another IP/connection profile. The physical sites are connected via Site-to-Site VPN.
We are setting up DFS and the goal is that if one of the sites goes down, the end user won't really know because their one connection entry will just connect to the next available router, if the one "closest" to them doesn't respond. Because DFS is set up, their files will be accessible at the other location(s).
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :