cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
309
Views
0
Helpful
3
Replies

ASA with 2 L2L vpns to two routers with the same network behind them

d-fillmore
Level 2
Level 2

I have a requirement whereby I have an ASA with a L2L tunnel to two routers. Both routers are on the same site and have the same network behind them. I thought of using HSRP on the public interfaces of the routers linked to the crypto-map but they are both connected to different ISPs so I don't think that'll work.

Is there a way of achieving this?

Many Thanks in advance

Dom

3 Replies 3

andrew.prince
Level 10
Level 10

You can configure in the ASA crypto map both ip addresses of the routers for the VPN tunnel.

The ASA will try the first one and connect - if the connections drops and the first IP address is not reachable, it will use the second IP.

HTH>

Hi Andrew,

Thanks for your reply - Is this something you've successfully implemented?

Cheers, Dom

Dom,

np - yes I have done it like this before, and a few variations on the theme.

I personally prefer GRE tunnels with dynamic routing and keepalives.

But doing it this way with static routes, works just as well.

HTH>