Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
576
Views
0
Helpful
1
Replies

VPN on Dual-WAN w/ ASA 5510

Cadre11757
Level 1
Level 1

‎12-16-2010 09:41 PM - edited ‎03-11-2019 12:23 PM

We are currently adding a 50Mbps cable line for a client who at the moment has a T1. Mail will continue to be delivered over the T1, but we want to use the cable line as the default interface for all other traffic. I plan on doing this using SLA's and tracking (we don't need to load-balance, just fail-over from the cable to T1)

I'm curious how this will affect our VPN clients. We have dozens of users who connect via VPN clients using the IP of the old T1 and I need to make sure they can still connect regardless of whether our default route is pointing elsewhere on the ASA. Will it respect the source of the VPN client connection does this require policy-based routing (not supported by ASA's as I understand)

Labels:
0 Helpful
1 Reply 1

praprama
Cisco Employee
Cisco Employee

‎12-18-2010 09:01 PM

Hi,

On the VPN clients, ensure you have the cable IP address added as the backup peer so that if the first connection fails the clients automatically try the 2nd one. Hope this answers your question.

Thanks and Regards,

Prapanch

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card