03-25-2023 01:23 AM
Hi
See diagram. We want to set up another IPsec VPN on the network on the left, which is our other DC. How could we set this up so that if the 172.25.192.0/19 network wasn't available on the network on the right (DC1), the routing would dynamically point to DC2 on the left?
Thanks
03-25-2023 06:05 AM
I don't get your Q.
Can you elaborate more?
03-25-2023 10:32 AM - edited 03-25-2023 10:33 AM
Hi
So from the diagram you see that we have an IPsec VPN to AWS, where the /19 resides.
Network on right, DC1:
We have a static route pointing to the firewall for the /19 on the 9500 stack; this is then redistributed into BGP and advertised to the ISP router.
Network on left side, DC2:
We would like to set up a secondary IPsec VPN to AWS, and if we lose the primary IPsec VPN we want the routing to then point to DC2 for the /19.
I was thinking maybe OSPF on the firewall, advertising just the /19, and then if we lose the firewall etc., dynamically route to DC2. I also realise I will need ISP assistance?
Thanks
03-25-2023 06:10 AM
Do you intend to use the AWS backbone to get to the /19 [right] network, or does the /19 have another instance in the left AWS region? You need a dynamic routing protocol.
03-25-2023 10:26 AM
Hi
The /19 resides in AWS.
Thanks
03-25-2023 10:30 AM
You mention IPsec and I don't know from which point: from the edge router or from the ASA?
03-25-2023 10:36 AM
ASA, public internet; the ISP routers are our private MPLS provided by Virgin.
03-26-2023 04:24 AM
Just mention in your topology from where to where the VPN connection is, if you can please.
03-27-2023 03:36 AM
Hi
From ASA to Cloud (AWS)