I have two sites connected utilizing IPsec with an ASA 5510 at each site. A T1 is terminated at both sites by the ASA. A site-to-site IPsec VPN is established through the ASA. Traffic at the main site flows from the ASA 5510 to a Catalyst 4507.
We now have a secondary ASA 5510 at the primary site connected to broadband with a route map on the 4507. The route map pushes internet traffic out the secondary ASA and VPN traffic out the primary ASA.
I would like to establish a redundant VPN from the remote ASA 5510 to the local secondary ASA 5510. I'm having a problem conceptualizing routing between the Catalyst 4507 and the secondary ASA. With IPsec VPNs, how can I make the Catalyst understand the secondary route to the remote site and use the secondary route when the primary T1 fails?
I hadn't even thought about SLA; that will definitely help.
PBR is required since specific internal subnets access the internet using one ASA while other internal subnets access the internet using the second ASA.
I believe I would set up an identical VPN config on both ASAs at the main site. At the remote site, would I simply use 2 peers in the current VPN config? How would failback work in that situation?
Primary ASA internet link fails, so routes drop out of the 4507, forcing VPN traffic out the secondary ASA. Secondary ASA builds a VPN tunnel with the remote site. Once the primary internet connection comes back online, would the primary ASA build a VPN tunnel with the remote site, and would that force teardown of the secondary ASA VPN tunnel?