04-09-2007 05:37 AM - edited 03-11-2019 02:57 AM
My question goes into the VPN world. I've read when in active/active config the ASA's do not support vpn/ipsec tunnel failover. My question is does it support IPSEC/VPN's at all in active/active? I mean i realize they may not failover but if I don't care if they are down can i terminate them to 1 or is it just not possible to use VPN/IPSEC with an ASA active/active setup? Hope this helps.
04-09-2007 06:23 AM
hi sorry vpn cannot be configured on the active/active setup. it does not support for vpns on failover setup u need to configure active/standy.
regards
sebastan
08-10-2007 08:26 PM
Hi Guys,
In active / standby mode, would I use the track command to set up the 2nd [failover] vpn tunnel? I'm assuming the 2nd ISP would plug into another VLAN port on the ASA and once tracking failed, a new tunnel would be negotiated. Yes?
08-22-2007 06:17 AM
I believe that version 8.x of the ASA supports Active/Active VPN failover. I looked quickly and couldn't find the notes on this, but I know that this is something I asked about in the past and was told 8.x will support this.
Dan
08-22-2007 06:40 AM
VPN's are still unsupported in multiple context mode in 8.x.
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: