Right now I am trying my best to get a VPN configured and working, this is my first attempt and also new to Cisco products. I have attached a copy of my network diagram, to help show what I have and how it is layed out. The way I have things running now, is that my first ASA is configured on for firewall and security. I have that going directly into my Cisco Router and the router handles the DHCP, DNS, and so on. I have an extra ASA, can I configure that one to act as the VPN access to my network, so I don't have to mess with my primary one?
You could set the second ASA up to terminate your VPN connections, but it may be more resilient to cluster your spare ASA with the primary and have that device do both VPN & Firewall. This way your VPN concentrator & firewall will be protected in case of equipment failure. Another option may be to terminate VPN at the 3660 depending on what version of code that runs.
I like the cluster idea...but how would I do that? I am new to all this, mainly learning as I go....would you be willing to assist in the setup of the second ASA?
You can have the 2 ASA's in a cluster or Primary/Secondary formation, so that you would have a failover mechanism. Following link provides you with complete details of such a configuration:
This link provides you with configuration of VPN on the ASA:
Now if you configure for cluster configuaration, u only need to configure for vpn and firewall on one of the ASA(primary) and it would be replicated to the other ASA(standby). The 1st link given above will provide you with complete details.
Let me know if this helps,
Here are the license requirements for Active/Standby configuration:
License requirements for Active/Active failvoer configuration:
Let me know if this answers your question,