I dont think you can have 2 L2L VPNs between the same 2 VPN endpoints (interfaces/IP addresses)
I guess you would need alot more than just the ASAs to create a redundant connection/routing between 2 sites while using L2L VPN.
2 Internet connections per site
2 ASAs per site
2 L2L VPNs between the sites
Use routers on each site behind the ASAs and use GRE+Dynamic routing to select which VPN connection is used.
I must admit I havent had to do even one of these setups as we connect customer networks/sites through MPLS network and dedicated connections. Might be something interesting to lab though at some point.
Thanks for your reply, Let me tweak the question a little. What if we had 1 ASA at site A, and 2 ASAs at site B. We woud then create 2 VPN tunnels:
tunnel1: Site A ASA1 to Site B ASA1
tunnel2: Site A ASA1 to Site B ASA2
So the problem is that Site A only has 1 ASA but with 2 VPN tunnels to the same subnet at Site B. How can we find out which VPN would be taken from Site A to Site B. There are 2 VPNS on Site A ASA so just wondering which one it would take to reach site B??? ... just a matter of interest rather than anything else.
So Site A ASA has a tunnel to each of Site B ASAs as peers and each peer encryption domain has the same subnet? This will depend on the order of the crypto maps you have configured because as soon as the interesting traffic is matched it will fire up that tunnel and it stops there. Is there any reason why you can't have one VPN peer as active and configure the second peer as the standby? I'm assuming you're trying to achieve some level of redundancy with 2 active VPN tunnels but I don't believe that will work with ipsec VPNs.
Radius server configuration for 802.1X
Server radius test1
Address ipv4 10.1.1.1
Server radius test2
Address ipv4 10.1.1.2
aaa group server radius TEST-gr
server name test1
server name test2
Umbrella’s cloud-delivered firewall (CDFW) is a cool features that provides Firewall Services in the Cisco Umbrella Cloud without the need to deploy on-premises firewall devices and visibility and control for internet traffic across all branch offices. To...
SymptomsDownloadable ACL (dACL) does not take effect on the IOS-XE Network Access DevicesDiagnosisCreating redirection ACL on the IOS-XE device failed to redirect the specified traffic for captive portal redirectionSolutionEnable device tracking, Below is...
Multiple Cisco Security Technologies in a single book : ASA Firepower, WSA, Umbrella, ISE and VPN with 100 percent 100 practical scenarios with 70 Labs to cover important topics of the Cisco SCOR Exam. The best part is ISE with interesting scenarios wi...