Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
615
Views
0
Helpful
1
Replies

Asa 8.2x IP SLA Ipsec failover fixed or broken in 8.2(5)41

dmooreami
Level 3
Level 3

‎12-11-2013 06:57 AM - edited ‎02-21-2020 07:22 PM

running 5505 with 8.2(5)41 code. using Site-to-Site Ipsec tunnels.  Want to configure port 0 as the primary ISP and port 1 as the failover ISP.  In the past when primary ISP fails, failover does occur.

But when my primary ISP does come back up and can be "pinged" by all, port 0 would NOT become the active interface and traffic & Ipsec tunnels would NOT fail "back" to the primary interface in earlier versions of the code.

Tried some "later versions", but it still had issues.

Can anyone verify a version of  8.2.x that this feature does actually work?

Thanks

Labels:
0 Helpful
1 Reply 1

dmooreami
Level 3
Level 3

‎12-12-2013 06:40 AM

So 54 views, not "yes it is fixed" , so going to assume still broken. Will adjust my  failover to just provide internet if Primary ISP circuit fails, won't bother configuring up ipsec tunnels for the secondary ISP circuit.

I have about a 30 days before need to implement. maybe some will know for sure by then.

Thanks

0 Helpful
Customers Also Viewed These Support Documents