09-24-2019 07:36 AM
Hi
Our network as shown in the picture below, we use any-connect for remote users. Any-connect is configured in ASA1.
I want to add ASA2 to the configuration as high availability. If the ASA1 goes down, the users will automatically use ASA2 to connect to network.
Is there a way I can do this High Availability between two ASAs with different ISP and public IP addresses?
Do I need to use the same IP pool in both ASAs?
Solved! Go to Solution.
09-24-2019 08:09 AM
Yes - I do something like that often for our clients.
You just specify in the Anyconnect client profile a backup server. Put in the FQDN for the secondary site. If the client cannot connect on the primary it will automatically fail over to the second one. It's best to use separate pools as the ASA pairs will not know if the addresses have been assigned by the other pair. Also, your internal routing needs to know how to reach each respective pool.
09-24-2019 08:09 AM
Yes - I do something like that often for our clients.
You just specify in the Anyconnect client profile a backup server. Put in the FQDN for the secondary site. If the client cannot connect on the primary it will automatically fail over to the second one. It's best to use separate pools as the ASA pairs will not know if the addresses have been assigned by the other pair. Also, your internal routing needs to know how to reach each respective pool.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide