10-22-2016 09:16 AM
Hello,
I am planning to combine two ASA 5510 (used for separate S2S VPN requirements) into a single Cisco ASA 5512-X using contexts. I would like to know if anyone has deployed S2S VPNs in multi context mode, any known issues and how resource allocation is done (for example)?
Thanks in advance
Krishna
Solved! Go to Solution.
10-22-2016 07:24 PM
Hello Krishna,
The implementation of VPN in multiple-mode requires the division of the total available VPN licenses among the configured contexts. The ASA administrator can configure how many licenses each context is allocated.
By default, no VPN tunnel licenses are allocated to the contexts, and the allocation of the license type must be done manually by the administrator.
Here is a document for your reference:-
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/116639-technote-asa-00.html
Regards
Dinesh Moudgil
P.S. Please rate helpful posts.
10-22-2016 08:28 PM
Hello Krishna,
Apart from resource allocation that I shared previously, VPN configuration remains the same.
Here is a link for you to configure L2L VPN on ASA which almost remains the same irrespective of context mode
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/119141-configure-asa-00.html
Here is a document to get you started with resource allocation on multiple
http://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_contexts.html#75590
Hope this helps.
Regards.
Dinesh Moudgil
P.S. Please rate helpful posts.
10-22-2016 07:24 PM
Hello Krishna,
The implementation of VPN in multiple-mode requires the division of the total available VPN licenses among the configured contexts. The ASA administrator can configure how many licenses each context is allocated.
By default, no VPN tunnel licenses are allocated to the contexts, and the allocation of the license type must be done manually by the administrator.
Here is a document for your reference:-
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/116639-technote-asa-00.html
Regards
Dinesh Moudgil
P.S. Please rate helpful posts.
10-22-2016 08:17 PM
Hi Dinesh,
Appreciate quick response!
Thats a very useful information.
Do you have any more information / recommendation for Context + VPN? (I am new to using contexts). And for resource allocation.
Thanks in advance
Krishna
10-22-2016 08:28 PM
Hello Krishna,
Apart from resource allocation that I shared previously, VPN configuration remains the same.
Here is a link for you to configure L2L VPN on ASA which almost remains the same irrespective of context mode
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/119141-configure-asa-00.html
Here is a document to get you started with resource allocation on multiple
http://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_contexts.html#75590
Hope this helps.
Regards.
Dinesh Moudgil
P.S. Please rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide