cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1109
Views
0
Helpful
3
Replies
Highlighted
Beginner

Does VPN works in Firewall Active Active failover mode?

i want to clarify these two things!
1. Does VPN works in failover mode in Active/Active mode?

2. What about in Failover mode Active/Pasive?


Regards!

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Mentor

Does VPN works in Firewall Active Active failover mode?

Hi,

Using an Active/Active Failover means that the Firewalls will be in Multiple Context mode. In other words virtual firewalls.

This means that you can ONLY use IPsec L2L VPN connections on the virtual firewalls if you are running 9.x software level on the firewalls. Any form of Client and Clientless VPN isnt supported in Multiple Context Mode at the moment.

Now with Active/Standby we have to make a distinction (if that was the word).

IF you run a normal Active/Standby Failover pair of ASAs that IS NOT in Multiple Context mode YOU CAN use any type of VPN the ASAs support.

IF you run a a pair of ASAs in Multiple Context Mode and in Active/Standby Mode you will naturally run into the limitation of VPN support in Multiple Context Mode and WILL NOT be able to use any other VPNs other than IPsec L2L VPN connections provided you are running 9.x software that supports it.

Hope this helps

- Jouni

View solution in original post

3 REPLIES 3
Highlighted
Mentor

Does VPN works in Firewall Active Active failover mode?

Hi,

Using an Active/Active Failover means that the Firewalls will be in Multiple Context mode. In other words virtual firewalls.

This means that you can ONLY use IPsec L2L VPN connections on the virtual firewalls if you are running 9.x software level on the firewalls. Any form of Client and Clientless VPN isnt supported in Multiple Context Mode at the moment.

Now with Active/Standby we have to make a distinction (if that was the word).

IF you run a normal Active/Standby Failover pair of ASAs that IS NOT in Multiple Context mode YOU CAN use any type of VPN the ASAs support.

IF you run a a pair of ASAs in Multiple Context Mode and in Active/Standby Mode you will naturally run into the limitation of VPN support in Multiple Context Mode and WILL NOT be able to use any other VPNs other than IPsec L2L VPN connections provided you are running 9.x software that supports it.

Hope this helps

- Jouni

View solution in original post

Highlighted
Beginner

Does VPN works in Firewall Active Active failover mode?

Thank you for you explanation!
Now i'm more clear!

I'm talking about the situation of normal Active/Standby Failover with a pair of identical ASAs, not in Multiple Context Mode!
Regards!

Beginner

Does VPN works in Firewall Active Active failover mode?

in single context mode, you can only do active/standby and vpn works fine.

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here