multiple default route in ASA

moussa.malqui1, Level 1

Hi all,

How can I define multiple default routes in ASA?

route tcvpn 0 0 10.240.20.1

route cacvpn 0 0 10.240.30.1 

When I put the second route I get "this route already exists". What is the solution?

2 Accepted Solutions

I'm not sure what you really want to achieve, but it's very likely that PBR is the solution.


Sorry for the late reply as I have been quite busy lately with work and family.

The only option then is to enable tcp bypass or traffic zone for ECMP to account for asynchronous routing.  Only using traffic zones will allow you to have multiple routes to the same destination with the same metric.

--
Please remember to select a correct answer and rate helpful posts

29 Replies

Rahul Govindan, VIP Alumni

You can do this if you configure both interfaces as a part of a traffic zone and use ecmp.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa93/configuration/general/asa-general-cli/interface-zones.html#56513

You would have to run ASA version 9.3 and above.

Thanks Rahul for your help,

I should put these 2 routes in my ASA:

route tcvpn 10.240.1.0 255.255.255.0 10.240.20.1

route cacvpn 10.240.1.0 255.255.255.0 10.240.30.1

But when I put the second route I get the error "this route already exists". What should I do?

regards,

MM

What is the ASA version you have? And are the 2 interfaces part of the same zone? Refer to the article to understand zoned ECMP:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa93/configuration/general/asa-general-cli/interface-zones.html#56513

I have version 9.2; the 2 interfaces are part of different zones. My architecture is like this:

Are these two sites with the same subnet (10.240.1.0/24), or is it two paths to the same site?

If this is to two different sites then we need to do some NATing on the ASA (or the remote end for that matter).  But first let's establish if these are two separate sites or two paths to the same site.

--
Please remember to select a correct answer and rate helpful posts

There are two separate sites. What NATing should I do?

You need to identify what the traffic needs are.  Are the remote sites only going to access resources at the main site behind the ASA or will the main site also need to access services at the remote sites?

Depending on the answer to the question above, you will either need to dynamic NAT to one of the sites (if just the remote site needs access to the main site). If the main site needs access to some resources at the remote site, then you will need to create static one-to-one NAT for those resources and all other traffic can use a dynamic NAT.

You only need to NAT one of the sites IPs. the second site can use its original IP.

Are these site to site VPNs?

--
Please remember to select a correct answer and rate helpful posts

In my case the main site only needs to access services at the remote sites

(VPN is between two ISP routers)

If they are two paths to the same site the solution is ECMP? Is that right?

If the path is to the same site or to the internet then zoned ECMP is the solution.

Now since the main site needs to access services at the remote site you will need to statically NAT those services at one of the sites. Then you would access the services at that one site by using the NATed IP.

--
Please remember to select a correct answer and rate helpful posts

Zoned ECMP is not supported in my ASA 9.2.

What NAT should I put in my case?

This is my architecture:

Is that two separate routers or is it one router with separate interfaces?

First you would need to determine a subnet you can use for the NATed addresses and then decide which site you will be doing the NATing for.

But for this example I will use tcvpn.

object network REMOTE_RESOURCE_REAL
  host 10.240.1.xxx
object network REMOTE_RESOURCE_TRANSLATED
  host xxx.xxx.xxx.
object-group network LOCAL_LAN
  network-object 10.30.60.0 255.255.255.0
  network-object 10.30.70.0 255.255.255.0
nat (inside,tcvpn) source static LOCAL_LAN LOCAL_LAN destination static REMOTE_RESOURCE_TRANSLATED REMOTE_RESOURCE_REAL

--
Please remember to select a correct answer and rate helpful posts
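As an added illustration (not code from the thread, from Cisco, or from the post above), a small Python model of why the translated address lets the main site reach both remote 10.240.1.0/24 sites: it models the "route already exists" check, the destination NAT toward tcvpn, and the plain route toward cacvpn. It is a simplified model, not the ASA's actual packet path; 10.240.2.28 as the translated host is taken from the poster's own question.

```python
"""Model of how the twice-NAT rule in this thread disambiguates two remote
sites that both use 10.240.1.0/24. Constructed example, not code from the
thread or from Cisco; a simplified model, not the ASA's real packet path."""
from ipaddress import ip_address, ip_network

LOCAL_LAN = [ip_network("10.30.60.0/24"), ip_network("10.30.70.0/24")]

# nat (inside,tcvpn) ... destination static TRANSLATED REAL:
# traffic to the mapped host is untranslated to the real host, egress tcvpn.
DEST_NAT = {ip_address("10.240.2.28"): (ip_address("10.240.1.28"), "tcvpn")}


def add_route(table, prefix, iface, nexthop):
    """Refuse the same prefix on a different interface: the 'route already
    exists' error the poster hit (ECMP across interfaces needs traffic zones).
    Returns True when the route is installed."""
    prefix = ip_network(prefix)
    if any(p == prefix and i != iface for p, i, _ in table):
        return False
    table.append((prefix, iface, ip_address(nexthop)))
    return True


def lookup(table, dst, iface=None):
    """Longest-prefix match; when NAT has already chosen the egress
    interface, only routes on that interface are candidates."""
    best = None
    for p, i, nh in table:
        if dst in p and (iface is None or i == iface):
            if best is None or p.prefixlen > best[0].prefixlen:
                best = (p, i, nh)
    return best


def forward(table, src, dst):
    """Return (egress_iface, next_hop, real_dst) for an inside-sourced flow."""
    src, dst = ip_address(src), ip_address(dst)
    if any(src in n for n in LOCAL_LAN) and dst in DEST_NAT:
        real, iface = DEST_NAT[dst]          # NAT picks tcvpn and the real host
        hit = lookup(table, real, iface)
    else:
        real, hit = dst, lookup(table, dst)  # no NAT: ordinary route lookup
    return None if hit is None else (hit[1], str(hit[2]), str(real))


def build_table():
    """The thread's routes: the second default route is rejected, and the
    cacvpn site keeps a plain 10.240.1.0/24 route (reached by real addresses)."""
    table, results = [], []
    results.append(add_route(table, "0.0.0.0/0", "tcvpn", "10.240.20.1"))
    results.append(add_route(table, "0.0.0.0/0", "cacvpn", "10.240.30.1"))
    results.append(add_route(table, "10.240.1.0/24", "cacvpn", "10.240.30.1"))
    return table, results
```

With the mapped host in place, a client on 10.30.60.0/24 reaching 10.240.2.28 is sent out tcvpn to the real 10.240.1.28, while 10.240.1.28 itself follows the cacvpn route, so the two overlapping sites no longer collide.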

That is one router with separate interfaces. Can you explain this code to me? After putting this code in, should I put this route: route tcvpn xxx.xxx.xxx.xxx 255.255.255.255 10.240.20.1, or not?

Thanks Marius. For example, if I put the translated address 10.240.2.28, will I get access to the resources/services in the remote site by this address (10.240.2.28) in place of 10.240.1.28?

Should I put this route: route tcvpn 10.240.2.28 255.255.255.255 10.240.20.1?
