Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
304
Views
0
Helpful
2
Replies

Question about FTD and sessions

Missions210
Level 1
Level 1

‎05-09-2023 12:56 PM

Hi Everyone, I currently have a TAC case open for this but thought I would ask here also

 I have one remote site with 2 WAN connections, one is a IPSEC tunnel over the internet to a hosting site where we are utilizing an FTD and the other connection is an MPLS going back to the home office, which will then will route the traffic to the same Hosting site FTD. 

 All IPSEC tunnel traffic is going through the OUTSIDE interface of the FTD and all the MPLS traffic is going through a COLO interface on the FTD. So the traffic the FTD was once seeing coming from the OUTSIDE interface is now coming from the COLO interface when a failover occurs at the remote site. Just wondering if is it possible for the FTD to keep these sessions when the traffic is now coming from a different interface.

0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎05-09-2023 03:57 PM

If they sent from one interface and due to Failure, if they coming back difference interface - the connection will be dropped as per the flow you mentioned.

but new connection will be success since routing changed.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

MHM Cisco World
VIP
VIP

‎05-09-2023 04:40 PM

Why you dont use vti instead of ipsec ?

This sure solved you problem.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card