ā07-08-2018 11:18 PM
Hi team,
I am supporting our customer on the VPN configuration. They have 02 site DC and DR, each site has 02 boxes ASA-5525 running HA mode and 02 RSA Radius Servers in HA mode for authentication.
The question is when using the RA-VPN, can we configure the same priority on the ASAs for both RSA servers at each site, so that the VPN session will be loaded balance between sites or the priority has to be different so that the VPN session will be forwarded to the site which has higher priority.
Highly appreciate for any quick response.
Thanks in advance.
Br,
hainm
ā07-09-2018 05:38 AM
hi Hainm,
On the ASA, you will have to configure the higher priority RSA server first in the AAA server group. The second (lower priority) server will only be used when the first RSA server does not respond to authentication requests.
HTH,
Divya
ā07-09-2018 08:18 AM
Many thanks bro.
Best regards,
.:|:.:|:. Hai Nguyen
Systems Engineer | Cisco Systems Vietnam
Desk: +84 24 3974 6248 | Mobile: +84 904 373 746 | hanguye3@cisco.com<mailto:hanguye3@cisco.com>
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide