Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
771
Views
0
Helpful
2
Replies

site to Site vpn with two client interfaces

altaf.shah
Level 1
Level 1

‎03-20-2011 09:16 PM

Hi guys,

I am stuck with the configuration here...

We have many remote sites with site to site VPN, Head Office we hav asa 5540 and clients we have Cisco 2800, Some of the sites have redandunt connnections with two different ISPs.

We want to setup VPN on both interfaces, in case one interface is down the other one shud comeup..

so any body with experience of such scenarios or can help us?

Labels:
0 Helpful
2 Replies 2

Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎03-21-2011 01:29 PM

Hi,

Having an ASA as the VPN server and 2800 as client you can configure both WAN interfaces on the routers to establish the VPN to the ASA.

By means of IP SLA (or a routing protocol), you configure the router to use the primary Internet connection to establish the tunnel to the ASA and if it fails to use the backup internet connection to establish the tunnel to the ASA.


The good thing is that when the primary connection recovers, the tunnel can be restablished through this link again.

Federico.

0 Helpful

altaf.shah
Level 1
Level 1
In response to Federico Coto Fajardo

‎03-21-2011 10:39 PM

thanks Federico,

Can you please paste some example config ? link will be good.

i tried to googl but couldnt find the one which i am looking for.

let me revise it again.

the Client have only one router with two interfaces connecting to two ISPs, so how can we reset the tunnel using SLA..

Appreciate ur support.

0 Helpful
Customers Also Viewed These Support Documents