Hi
Our network as shown in the picture below, we use any-connect for remote users. Any-connect is configured in ASA1.
I want to add ASA2 to the configuration as high availability. If the ASA1 goes down, the users will automatically use ASA2 to connect to network.
Is there a way I can do this High Availability between two ASAs with different ISP and public IP addresses?
Do I need to use the same IP pool in both ASAs?
Accepted Solutions
Yes - I do something like that often for our clients.
You just specify in the Anyconnect client profile a backup server. Put in the FQDN for the secondary site. If the client cannot connect on the primary it will automatically fail over to the second one. It's best to use separate pools as the ASA pairs will not know if the addresses have been assigned by the other pair. Also, your internal routing needs to know how to reach each respective pool.
Yes - I do something like that often for our clients.
You just specify in the Anyconnect client profile a backup server. Put in the FQDN for the secondary site. If the client cannot connect on the primary it will automatically fail over to the second one. It's best to use separate pools as the ASA pairs will not know if the addresses have been assigned by the other pair. Also, your internal routing needs to know how to reach each respective pool.
