
VPN to dual remote endpoints

erik_bjers
Level 1

Not sure if my subject is a good description of the problem or not.

I have an ASA 5520 at my home office and a SonicWALL NSA2400 at my remote office.  The remote office has dual internet connections and I wanted to create two separate VPNs between the devices using each internet connection on the SonicWALL.

I know how to configure this on the SonicWALL; the problem is on the ASA 5520.

OK Basic network config

Main Office

ASA Public IP 1.1.1.1

ASA Internal network 192.168.1.0 (VPN source)

Remote office

Public IP 1     2.2.2.2

Public IP 2     3.3.3.3

Internal network 192.168.2.0 (VPN destination on ASA)

If I have a VPN from the main ASA to either one of the SonicWALL's public IPs, everything works fine.

If I create 2 VPN tunnels from the main ASA, 1 to each public IP on the SonicWALL, the VPN shows as up but no traffic flows.

Thanks for any help,

eb


Marcin Latosiewicz
Cisco Employee

Erik,

If you're planning to use the same traffic selectors for both of the peers, the correct way to configure this is to add two peers in the "peer" statement, not configure two separate crypto map entries for the same tunnel.

Only one of those should be active at a time.

Marcin
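The two layouts discussed in this thread, side by side, as an added config sketch that is not part of either post. The names OUTSIDE_MAP and VPN_TO_REMOTE, the sequence numbers and the /24 masks are assumptions; the addresses are the placeholder ones from the question.

```cisco
! Constructed example. OUTSIDE_MAP, VPN_TO_REMOTE, the sequence numbers
! and the 255.255.255.0 masks are assumed, not taken from the thread.
access-list VPN_TO_REMOTE extended permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0

! --- Layout from the question: two entries, identical traffic selectors ---
! Crypto map entries are evaluated in sequence order, so traffic for
! 192.168.2.0 always matches entry 10 first, whichever tunnel is up.
crypto map OUTSIDE_MAP 10 match address VPN_TO_REMOTE
crypto map OUTSIDE_MAP 10 set peer 2.2.2.2
crypto map OUTSIDE_MAP 20 match address VPN_TO_REMOTE
crypto map OUTSIDE_MAP 20 set peer 3.3.3.3

! --- Layout from the reply: one entry, both peers in one "set peer" ---
! The ASA tries the peers in the order listed; only one is active at a time.
no crypto map OUTSIDE_MAP 20 match address VPN_TO_REMOTE
no crypto map OUTSIDE_MAP 20 set peer 3.3.3.3
crypto map OUTSIDE_MAP 10 match address VPN_TO_REMOTE
crypto map OUTSIDE_MAP 10 set peer 2.2.2.2 3.3.3.3

! Each peer address still needs its own tunnel-group. The pre-shared key
! and transform-set/proposal lines are left out because their syntax
! depends on the ASA software version, which the thread does not state.
tunnel-group 2.2.2.2 type ipsec-l2l
tunnel-group 3.3.3.3 type ipsec-l2l
```

After the change, `show crypto ipsec sa` on the ASA should list a single SA pair for 192.168.1.0 to 192.168.2.0, with the current peer address showing which SonicWALL link is in use.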
