We have asa connected via vpn
Site 1 is live
Site 2 is in. Standby
We have a web site (asa public server) which is live in site 1. We need to switch this to site 2, as the site 1 dc is shutting down. What we need to do is redirect all traffic hitting the site 1 asa (in case of slow dns update or clients having fixed ip to our service) is it possible to set up public server (open port) to send the traffic over the vpn?
If it is a web server and you need to give users access to the webserver located at Site 2. You just setup the NAT for that server accordingly depending on how your sites are connected. Is your site 2 getting to the Internet via Site 1? In that case you just update the NATed IP of the server on the ASA.
But you mentioned VPN so it can also mean that you have an Internet connection at Site 2 with another ASA. So in that case you can just point the DNS entry to an available public IP addres at Site 2 and then NAT that public IP address to the Webserver at Site 2.
Thanks but i think you misunderstood what we need to do
When we switch sites (ie change dns) all external traffic should hit the second site asa (which is aleady set up)
What we need to do is ensure any traffic which may hit site one (i.e via slow dns propgation or hard coded access) get redirect to the correct site.
If we can set the public servers on the asa to go over the vpn link between the two sites it would be ideal
You can't just update the NAT like this...?
network object webserver
host 192.168.1.10 (This would be the IP of the webserver located at Site #2)
nat (inside,outside) static 184.108.40.206 (220.127.116.11 being the public IP)