07-01-2019 04:28 AM - edited 02-21-2020 09:15 AM
I have a question regarding ASA session check
Imagen this situation
We have an ASA which is Building two VPNs (Site-to-Site) to the Cloud and in the Routing table there is a loadbalancing to the Destination in the Cloud over the two VPN connections.(Loadbalancing)
My question is lets if the first packet TCP,Syn sent over the first VPN and the answer TCP-ACK came over the second VPN will the ASA Drop this packet?
ofcourse considring RPF is not being violated.
Solved! Go to Solution.
07-05-2019 02:48 AM
Thank you for your respond.
Looks like loadbalancing over tunnels will stay out of reach on ASA.
TCP Bypass ist not supported on Tunnel interfaces.
we will need to install a router infront of the Firewall.
07-01-2019 06:24 AM
07-05-2019 02:48 AM
Thank you for your respond.
Looks like loadbalancing over tunnels will stay out of reach on ASA.
TCP Bypass ist not supported on Tunnel interfaces.
we will need to install a router infront of the Firewall.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: