Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Design issue


Our current design is as below:

Office ASA===>ISP(Site to Site VPN)====>Customer HO Stonegate firewall A

Now customer wants to configure one more L2L VPN as backup between Office ASA and DR site Stonegate FW plus it should also reach customer HO networks using new VPN.

Office ASA===>ISP===>Customer HO (link 1) and DR (link 2)

We are planning to configure new crypto map  for new VPN towards DR FW so both VPN will be up.

Question is, if customer link 1 goes down so traffic should flow using new VPN (link 2) but it should switchover automatically once customer primary link restores.

We can not use SLA on office ASA because only one link is available  howver customer will have two internet links

Please advice.

CreatePlease login to create content