Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
495
Views
0
Helpful
2
Replies

Backup VPN connect

sclevenger
Level 1
Level 1

‎01-24-2013 04:13 PM - last edited on ‎03-25-2019 05:50 PM by Community Manager

A bit frustrated and need a helping hand.

We have a client who we have a primary ASA VPN connect to a 203.x.x.x address. They have a ISP that is not the best and have issues time to time staying up.

We want to set up a backup VPN connect that will come up when the primary goes down that will be on the 74.x.x.x net. I am on 8.0.3 code and added the peer site in the ADSM and it does not drop the first one and pick up the second in the same. Don't know if it is a bug ,  a feature or what I though that would do does not work.

The issue is on my side,  I want to use the same interface to make this work. I have seen Docs on using two interfaces via a policy but again that uses two interfaces that I do not have out bound.   So to summarize, I have one outbound connection  that I want to setup a primary vpn connect and that when that one goes down, a second VPN comes up to pass traffic. I posed that same question to Tac and they said they have not seen what I am looking for. Maybe I did not explain my self right. There has to be some one else with this type of issue. I am loking of a direction on how to do this. Thanks for helping me out. Frustrated.

Labels:
0 Helpful
2 Replies 2

Julio Carvajal
VIP Alumni
VIP Alumni

‎01-24-2013 07:47 PM

Not sure if I understand,

Take a look at this:

https://supportforums.cisco.com/community/netpro/security/vpn/blog/2011/04/25/ipsec-vpn-redundancy-failover-over-redundant-isp-links

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

sclevenger
Level 1
Level 1
In response to Julio Carvajal

‎01-25-2013 11:23 AM

Thanks for your support and responce. However this is the vers I spoke about that would require me to have two interfaces to make it work  I do not have that sinario. I have only one interface to the outside world. That limits me. But there has to be a way to setup that if the 203.xxx network goes down, there is a way for a backup of the 74.x.x.x network to pick up the tunnel and work. Hope that make better sence to you now. DO you know of a way?  If you need me to do a drawing for you and you think that would hep, let me know.

regards,

Stephen

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card