We had one VPN concentrator (3000 ip 170.48.29.xx) in our main datacenter, currently we are establishing a second data center in another city, we will have an ASA (ip 69.87.39.xx) as VPN concentrator for the 2nd data center. All our users (S2s, vpn client) now connect to the main VPN concentrator (ip 126.96.36.199), if possible I would like to use the ASA as the failover VPN concentrator, if the primary one fails, it will take over as the primary without any user (end point) configuration change. Is this possible?
For Remote Access VPN using the IPSec VPN client I believe that it is possible to have the ASA function as the backup concentrator and for users to connect to it automatically if the primary is not available and not require any config change in the client. The IPSec client has a parameter for backup concentrator and the 3000 concentrator can be configured to push the address of the ASA as the backup to the client. I have configured this for some customers and it works quite well.
For site to site VPN I do not believe that it is possible to have the ASA function as backup without config changes. Depending on the capabilities of the device at the other end of the site to site VPN you may be able to configure a second peer address in the crypto map which would allow the device to use the ASA if the 3000 is not available. But that certainly requires a config change.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...