Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2989
Views
5
Helpful
3
Replies

S2S VPN with multiple context

Go to solution
krishnadig
Level 1
Level 1

‎10-22-2016 09:16 AM

Hello,

I am planning to combine two ASA 5510 (used for separate S2S VPN requirements) into a single Cisco ASA 5512-X using contexts. I would like to know if anyone has deployed S2S VPNs in multi context mode, any known issues and how resource allocation is done (for example)?

Thanks in advance

Krishna

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee

‎10-22-2016 07:24 PM

Hello Krishna,


The implementation of VPN in multiple-mode requires the division of the total available VPN licenses among the configured contexts. The ASA administrator can configure how many licenses each context is allocated.

By default, no VPN tunnel licenses are allocated to the contexts, and the allocation of the license type must be done manually by the administrator.

Here is a document for your reference:-
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/116639-technote-asa-00.html


Regards
Dinesh Moudgil

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

View solution in original post

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee
In response to krishnadig

‎10-22-2016 08:28 PM

Hello Krishna,

Apart from resource allocation that I shared previously, VPN configuration remains the same.
Here is a link for you to configure L2L VPN on ASA which almost remains the same irrespective of context mode

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/119141-configure-asa-00.html

Here is a document to get you started with resource allocation on multiple context:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_contexts.html#75590


Hope this helps.

Regards.
Dinesh Moudgil


P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee

‎10-22-2016 07:24 PM

Hello Krishna,


The implementation of VPN in multiple-mode requires the division of the total available VPN licenses among the configured contexts. The ASA administrator can configure how many licenses each context is allocated.

By default, no VPN tunnel licenses are allocated to the contexts, and the allocation of the license type must be done manually by the administrator.

Here is a document for your reference:-
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/116639-technote-asa-00.html


Regards
Dinesh Moudgil

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

Go to solution
krishnadig
Level 1
Level 1
In response to Dinesh Moudgil

‎10-22-2016 08:17 PM

Hi Dinesh,

Appreciate quick response!

Thats a very useful information. 

Do you have any more information / recommendation for Context + VPN? (I am new to using contexts). And for resource allocation.

Thanks in advance

Krishna

0 Helpful

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee
In response to krishnadig

‎10-22-2016 08:28 PM

Hello Krishna,

Apart from resource allocation that I shared previously, VPN configuration remains the same.
Here is a link for you to configure L2L VPN on ASA which almost remains the same irrespective of context mode

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/119141-configure-asa-00.html

Here is a document to get you started with resource allocation on multiple context:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_contexts.html#75590


Hope this helps.

Regards.
Dinesh Moudgil


P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
0 Helpful
Customers Also Viewed These Support Documents