ASA Redundant L2L VPNs

mdalliman · ‎08-31-2018

Good morning all,

I am currently working on making our WAN connections redundant. at our main sites we have either fiber or coax connections as the main connection with a Cellular back up. I am currently trying to emulate this in Virl. I have tried doing this two different ways one way I can get the tunnel up but only show rx one side and tx on the other that was by doing two different crypto maps. I have also tried to set the set multiple peer ip address's on the hub remote side will send the request to create the connect but the hub will deny the request that is with the same crypto map and two ip's in the set peer. any help would be greatly appreciated

balaji.bandi · ‎08-31-2018

If both VPN up all the time, why not use IP SLA with tracking destination IP using source.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mdalliman · ‎08-31-2018

So i do have that setup on the gw but i want it to go to the fiber on the hub no matter what

balaji.bandi · ‎09-01-2018

Then setup routing to go to Fibre as prefered link with IP SLA tracking if that fails go to other Secondary link.

you need further assistance post the full config to look and suggest.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mdalliman · ‎09-01-2018

So when i set it up with two different crypto maps on the hub end i can get the can get the vpn connection to connect on both connections on coax and cellular. On coax it will connect and transmit and receive packets just fine. But when the sla switches over to the cellular connection. It connect and the hub side is transmitting but not receiving and the hub end is receiving but not transmitting