Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
193
Views
0
Helpful
0
Replies

ASA - DHCP relay over S2S VPN with Dual ISP

rgrabczewski
Level 1
Level 1

‎11-08-2016 02:28 AM

Hi Guys,

I have an ASA 5506-x with dual ISP setup and primary and backup S2S VPN to a DC where domain controllers, DHCP and other services seat.

Devices on LAN obtain IPs from DHCP servers in DC over S2S VPN.

How can I configure the same IP address for DHCP Relay through S2S VPN over primary and backup links? ASA won't let me to add the same IP address on the secondary line.

My setup

Primary ISP - Outside-1

Seconday ISP - Outside-2

LAN - Inside

S2S VPN goes over Outside-1 until there is an outage on it, then it will switch over to Outside-2.

My DHCP Relay config is as follows:

dhcprelay server 10.20.63.211 Outside-1
dhcprelay server 10.20.63.210 Outside-1
dhcprelay enable Inside
dhcprelay timeout 60

When I am adding the same server for the secondary line, the ASA just overwrites the config

Any clue how can I deliver it?

Thanks,

Robert

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents