Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
598
Views
0
Helpful
2
Replies

S2S with ISP failover

majedalanni
Level 1
Level 1

‎07-15-2011 06:29 AM

Dears

I have question how to setup a VPN failover with a failover ISP

my senario

ASA(1) -------------------------------        internet        --------ISP1--------------   ASA(2)

                                                                      -------ISP2---------------- ASA(2)

My ASA (1) have S2S tunnle configured to ASA(2) ISP1 interfate. ASA(2) have ISP failover. When ISP1 down I lost the tunnel connection!

Should I creat another S2S tunnel to ASA(2) ISP2 interface or the is another way to do it?

Thanks in advance!

Mike

Labels:
0 Helpful
2 Replies 2

Jennifer Halim
Cisco Employee
Cisco Employee

‎07-16-2011 05:53 AM

No, you can't create another S2S tunnel.

On ASA (1), just configure 2 IP Address on the "set peer" command, first with the first ISP and second IP with the second ISP.

You would also need to configure the pre-shared-key for ISP2 IP Address as well.

0 Helpful

majedalanni
Level 1
Level 1
In response to Jennifer Halim

‎07-19-2011 12:14 PM

I will give a try and update you if it works

Thanks

0 Helpful
Customers Also Viewed These Support Documents