Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1545
Views
0
Helpful
1
Replies

ASA Support for IPSec with OSPF

hamzaburney
Level 1
Level 1

‎06-13-2016 05:02 PM - edited ‎02-21-2020 08:51 PM

Hi, 

   It seems like I cant do GRE tunnels on ASA? and neither can I do IPSec VPN Tunnels and run OSPF over the tunnel interface?

Can you guys please confirm me on this and suggest whats the best way out if I want to build 2 x Site-to-Site IPSec tunnel and do fail-over between dual links using ASA? 

Thanks.

Labels:
0 Helpful
1 Reply 1

David Castro F.
Spotlight
Spotlight

‎06-13-2016 07:03 PM

Hello,

ASA does not support GRE interfaces or mGRE interfaces, and you can configure a L2L with OSPF across, you will need to allow Unicast OSPF through IPSec, and for dual ISP, you may configure IP SLA monitor as well:

Configure OSPF across VPN

- http://www.networkengineerblog.com/2009/12/configuring-ospf-on-cisco-asa-firewall.html

IP SLA with Dual ISP:

- http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/70559-pix-dual-isp.html

Keep me posted, please proceed to rate and mark as correct the helpful post!

David Castro,

0 Helpful
Customers Also Viewed These Support Documents