I'm using the ASA 5516.
ASA and ASA are connected on a dedicated line, and two lines in different bands are connected to the ASA interface.
I would like to use IPSEC VPN and will use IKE V2.
What I'm curious about here is that if Line 1 loses its VPN connection, I'd like to automatically enable Line 2's VPN connection
What else do I need to allocate two Peer IPs?
Do I need additional ACL or Routing settings?
Tell me what you need to be able to be a failover naturally. I beg you.
Here is a good configuration example:
Can you let us know if the 2 ASA is in HA mode or they are not . I have asked this because there is different ways to address these two type of setup .
Whilst considering the downtime in place on the second set up, it's worth to know that in HA mode , standby peer as already finished it own negotiation but the only clause is traffic is not passing through the tunnel until the active peer deny traffic in down state.
Let me know if this help your understanding.
I have the same situation. Maybe you just try to use another VPN services? I found interesting review about cheap VPN https://webguidevpn.com/cheap-vpn/.